'How to disable hostname verification on Insomnia
I have only just begun using Insomnia for testing some REST calls. I got a certificate issue because the Common Name of my certificate on the server does not match the Hostname that is used to reach the server. I want to know, if there is a way I can disable hostname verification in Insomnia ?
I came across this link that mentions the flag which is to be used, but I am currently not sure how to configure Insomnia with the flag https://docs.oracle.com/middleware/11119/wls/WLACH/taskhelp/security/DisableHostNameVerification.html
At this point, I am also trying to re-generate the server cert with appropriate SAN but due to some restrictions, my host IP might change, so I am not sure if this is a solution that I can use every time I have to test some calls.
Please help if you know how we can configure Insomnia to skip hostname verification check. Thanks.
Solution 1:[1]
Insomnia also has the option to turn off certificate verification.
- Go to “Preferences”,
- Navigate down the general preferences to find and uncheck “Validate certificates.”
Solution 2:[2]
I was able to verify after adding SAN to the cert csr. Tag to be used in the csr for adding the SAN is :
subjectAltName = IP:<> or subjectAltName = DNS:<>
Multiple SANs can be added to the cert.
But, there is no way that I could find to disable hostname verification on Insomnia. Although if you want to skip validation of a cert altogether, then you can uncheck "Validate Certificates" option in the Preferences.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | DShah |
| Solution 2 | Anish |