2

I have only just begun using Insomnia for testing some REST calls. I got a certificate issue because the Common Name of my certificate on the server does not match the Hostname that is used to reach the server. I want to know, if there is a way I can disable hostname verification in Insomnia ?

I came across this link that mentions the flag which is to be used, but I am currently not sure how to configure Insomnia with the flag https://docs.oracle.com/middleware/11119/wls/WLACH/taskhelp/security/DisableHostNameVerification.html

At this point, I am also trying to re-generate the server cert with appropriate SAN but due to some restrictions, my host IP might change, so I am not sure if this is a solution that I can use every time I have to test some calls.

Please help if you know how we can configure Insomnia to skip hostname verification check. Thanks.

Anish
  • 31
  • 1
  • 3

2 Answers2

5

Insomnia also has the option to turn off certificate verification.

  • Go to “Preferences”,
  • Navigate down the general preferences to find and uncheck “Validate certificates.”
DShah
  • 9,768
  • 11
  • 71
  • 127
0

I was able to verify after adding SAN to the cert csr. Tag to be used in the csr for adding the SAN is :

subjectAltName = IP:<> or subjectAltName = DNS:<>

Multiple SANs can be added to the cert.

But, there is no way that I could find to disable hostname verification on Insomnia. Although if you want to skip validation of a cert altogether, then you can uncheck "Validate Certificates" option in the Preferences.

Anish
  • 31
  • 1
  • 3