How to disable TLS Verification on Java SDK 3?

Anthony_Le · March 9, 2021, 8:50am

Hi everyone,

I just want to make our client trust what ever certificates from the server. In the documentary at https://docs.couchbase.com/java-sdk/current/howtos/managing-connections.html
it’s written:
" If you are running on localhost and just want to enable TLS for a development machine, just copying and pasting it suffices — so long as you use 127.0.0.1 rather than localhost in the connection string . This is because the certificate will not match the name localhost . Setting TLSSkipVerify is a workaround if you need to use couchbases://localhost."

I coundn’t find option TLSKipVerify in Java SDK 3.1, has this option been removed or replaced? If so, how do we bypass TLS verification?

daschl · March 9, 2021, 9:31am

If you want to just skip hostname verification, on the SecurityConfig you can set enableHostnameVerification to false. If you want to trust ALL certificates, Use .trustManagerFactory(InsecureTrustManagerFactory.INSTANCE).

Anthony_Le · March 9, 2021, 9:59am

Thank your your quick reply

Topic		Replies	Views
connectionString with schema "couchbases://..." doesn't connect to TLS ports Java SDK java	1	1875	March 12, 2021
Node.js SDK v4 Ignore SSL Verification Node.js SDK connections	2	594	October 12, 2023
How do we disable the hostname verification in SSL Couchbase Server security	3	2199	April 10, 2019
SSL Connection with java client 3.5.0 Java SDK connections , security , java	10	851	April 28, 2024
Client migration to Java sdk 3.0, sslKeystoreFie and password Java SDK	9	1806	August 25, 2021

How to disable TLS Verification on Java SDK 3?

Related topics