A host name verifier ensures the host name in the URL to which the client connects matches the host name in the digital certificate that the server sends back as part of the SSL connection. If the host name in the certificate matches the local machine’s host name, host name verification passes if the URL specifies localhost, 127.0.0.1, or the default IP address of the local machine.
A host name verifier is useful when an SSL client (or a WebLogic Server acting as an SSL client) connects to an application server on a remote host. Host name verification is performed only by an SSL client. By default, WebLogic Server has host name verification enabled.
Note: The following steps only apply when a WebLogic Server instance is acting as an SSL client. Stand alone SSL clients specify the use of host name verification via command-line arguments or the API.
If you want anything other than the default behavior, either turn off host name verification or configure a custom host name verifier. BEA recommends leaving host name verification on in production environments.