"Connection refused" while using the Java API

Guess my memory is failing me on this one. Took a little digging and then I remembered hostname verification was added to our build of Apache Axis due to a NIST vulnerability in Apache Axis.

It's discussed in this Question: https://devcentral.f5.com/questions/handling-self-signed-certs-with-java-and-icontrol

The bottom line is that you must use the same hostname in your client as is defined in the BIG-IP's certificate "Common Name" field. I believe the default value is "localhost.localdomain" unless you rebuild it after changing the hostname. The easiest way to find what it is is to open a browser to the BIG-IP admin gui, and then view the certificate info in your browser.

If there is no dns entries for that hostname, you can put it in your hosts file.

Unfortunately, we can't undo this in our build we release with our distribution. If you really have a need to bypass hostname verification, you can look for an old build of Apache Axis 1 from the Apache Foundation. and use that instead.

Sorry about the delay in response, but I've been trying to code around it until I remembered adding this in in 2013.

In my test, I went into the BIG-IP GUI and hit "Renew" on the System.Device Certificate and updated it with the hostname. I then put the hostname in my hosts file and the hostname verification error went away.

-Joe