Ssl-config disableHostnameVerification not working

Hello … thanks in advance for any help. I’m reading and following the documentation for loose ssl-config to disable hostname verification, but I can’t get any changes in application.conf to have get past the verification error. Is anyone have any luck with this?

fails at:
with: No name matching REDACTED found

I’ve tried all combinations in application.conf that I can think of as far as where to put the config option, including:

ssl-config.loose.disableHostnameVerification straight from

Any help much appreciated!


play: 2.6.12
scala 2.12.4

Hey Tom,
I’ve had similar issues setting up ssl options using ssl-config.
I think the documentation presented on the ssl-config page you linked has to be reviewed to work with play.

In my case, I had it working using the prefix
See if the following works for you:

I’ll try to figure out if the docs are actually wrong and how to fix them

Hi, thanks … I still get an exception:


We moved the host(s) behind our star cert some time ago, so I’m not stuck on this problem but for us it persists. Any ideas?

Mmmm I haven’t seen any more issues after correctly enabling the loose mode…
Maybe there are other ssl-config available for DNS config?

Possibly, yes, but I would think that disableHostNameVerification would disable all host name verifications including DNS matches? What we need here is the equivalent of verifySSL=false to turn off all verification including CA trust for self-signed certs, dns match, host name match, etc.

I think it should, yeah… Not quite sure how to help you if the configuration change doesn’t work…
Maybe need more debugging

I had similar minor issue with the ssl config. Indeed in the documentation there is no mention that you need to use entry name “” with Play instead of the “ssl-config” mentioned in Lightbend’s site (referenced by Play’s documentation).

Maybe Play’s documentation should address this somehow?

The documentation has been fixed following a PR request I canceled because I didn’t have the CLA:

It is fixed in the new 2.7 docs (, and should be backported in 2.6.x - or so it’s labelled.

1 Like