Information
Hostname verification is a server identity check that ensures a client is talking to the correct server. The check is performed on the client side of an SSL connection: the client examines the Subject Alternative Name (or the SubjectDN) in the server's certificate to see whether it matches the host part of the URL that was used to make the outbound request.
Hostname verification confirms that the request is reaching the correct server and has not been redirected to an unknown server, which mitigates man-in-the-middle attacks.
Solution
To enable hostname verification for JSON Web Tokens, add the hostNameVerificationEnabled attribute to the openidConnectClient element in ${server.config.dir}/configDropins/overrides/*.xml and set it to true.
<openidConnectClient hostNameVerificationEnabled="true" />
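One way to check a server for this setting, as an added example that is not part of the original page or of the product: a Python audit that reads every *.xml file in a configDropins/overrides directory and reports each openidConnectClient element whose hostNameVerificationEnabled attribute is missing or not set to true. The function names, status labels, and sample files are assumptions made for illustration; the sample configuration is constructed.

```python
"""Audit configDropins/overrides for openidConnectClient hostname verification."""
import sys
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

ELEMENT = "openidConnectClient"
ATTRIBUTE = "hostNameVerificationEnabled"


def audit_overrides(overrides_dir):
    """Return (file, client id, status) for every openidConnectClient element."""
    results = []
    for xml_file in sorted(Path(overrides_dir).glob("*.xml")):
        try:
            root = ET.parse(xml_file).getroot()
        except ET.ParseError:
            results.append((xml_file.name, "-", "unparseable"))
            continue
        for client in root.iter(ELEMENT):
            value = client.get(ATTRIBUTE)
            if value is None:
                status = "missing"
            elif value.strip() == "true":
                status = "ok"
            else:
                status = "not-true"  # e.g. "false" or an unresolved ${variable}
            results.append((xml_file.name, client.get("id", "(no id)"), status))
    return results


def failures(results):
    """Only the entries that do not carry hostNameVerificationEnabled="true"."""
    return [entry for entry in results if entry[2] != "ok"]


def demo():
    """Run the audit against constructed sample files (not real configuration)."""
    samples = {
        "10-oidc.xml": '<server><openidConnectClient id="rp1" hostNameVerificationEnabled="true"/></server>',
        "20-oidc.xml": '<server><openidConnectClient id="rp2"/>'
                       '<openidConnectClient id="rp3" hostNameVerificationEnabled="false"/></server>',
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in samples.items():
            Path(tmp, name).write_text(body)
        return audit_overrides(tmp)


if __name__ == "__main__":
    found = audit_overrides(sys.argv[1]) if len(sys.argv) > 1 else demo()
    for file_name, client_id, status in found:
        print(f"{status:12} {file_name} id={client_id}")
    sys.exit(1 if failures(found) else 0)
```

Pass the overrides directory as the first argument; the exit code is non-zero when any element fails the check. The script inspects each element as written and does not resolve variables or combine elements defined in more than one file.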