Ignoring SSL certificate in Apache HttpClient 4.3

by

The code below works for trusting self-signed certificates. You have to use the TrustSelfSignedStrategy when creating your client:

SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
        builder.build());
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(
        sslsf).build();

HttpGet httpGet = new HttpGet("https://some-server");
CloseableHttpResponse response = httpclient.execute(httpGet);
try {
    System.out.println(response.getStatusLine());
    HttpEntity entity = response.getEntity();
    EntityUtils.consume(entity);
} finally {
    response.close();
}

I did not include the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER on purpose: The point was to allow testing with self signed certificates so you don’t have to acquire a proper certificate from a certification authority. You can easily create a self-signed certificate with the correct host name, so do that instead of adding the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER flag.

More Related Contents:

  1. How can I use different certificates on specific connections?
  2. How are SSL certificate server names resolved/Can I add alternative names using keytool?
  3. Why does SSL handshake give ‘Could not generate DH keypair’ exception?
  4. Problems using Maven and SSL behind proxy
  5. javax.net.ssl.SSLException: Received fatal alert: protocol_version
  6. javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake during web service communicaiton
  7. How to create a BKS (BouncyCastle) format Java Keystore that contains a client certificate chain
  8. How to find what SSL/TLS version is used in Java
  9. Registering multiple keystores in JVM [duplicate]
  10. Keystore type: which one to use?
  11. Simple Java HTTPS server
  12. java – ignore expired ssl certificate
  13. javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
  14. Disable SSL certificate check in retrofit library
  15. Is it possible to change plain socket to SSLSocket?
  16. Java: Overriding function to disable SSL certificate check
  17. Using JavaMail with TLS
  18. CertificateException: No name matching ssl.someUrl.de found
  19. Apache HTTPClient SSLPeerUnverifiedException
  20. How to convert certificate from PEM to JKS?
  21. Java SSLHandshakeException: no cipher suites in common
  22. How set up Spring Boot to run HTTPS / HTTP ports
  23. What is Keystore?
  24. javax.net.ssl.SSLPeerUnverifiedException: Host name does not match the certificate subject provided by the peer
  25. OkHttp javax.net.ssl.SSLPeerUnverifiedException: Hostname domain.com not verified
  26. Java7 Refusing to trust certificate in trust store
  27. How to make Java 6, which fails SSL connection with “SSL peer shut down incorrectly”, succeed like Java 7?
  28. SNI client-side mystery using Java8
  29. Ignore self-signed ssl cert using Jersey Client [duplicate]
  30. Java HttpsURLConnection and TLS 1.2

Leave a Comment