Verify certificate chain and hostname

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Configure the com.glide.communications.httpclient.verify_hostname property to prevent man-in-the-middle-attacks by ensuring that the certification verification process is executed.

    When the com.glide.communications.httpclient.verify_hostname system property is not set to the secure value of true, the hostname and certificate chain presented by remote hosts during a TLS connection initiated from the ServiceNow instance are not validated.

    Ensure that the com.glide.communications.httpclient.verify_hostname system property is set to the secure value of true.

    More information

    Attribute Description
    Configuration name com.glide.communications.httpclient.verify_hostname
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value <none>
    Fallback value false
    Category Communications
    Security risk
    • Severity score: High
    • CVSS score: 7.4
    • Security risk details: This could compromise the security of the TLS connection and allow person-in-the-middle attacks, where communications between two parties are intercepted. This may lead to sensitive data disclosure.
    Dependencies and prerequisites None
    Functional impact Verifies hostname and certificate chain presented by remote secure socket layer (SSL) hosts. Set this property to true to secure against Man-in-the-middle (MITM) attacks.
    Note:
    This property overrides the com.glide.communications.trustmanager_trust_all, property.