How to ignore SSL certificate (trust all) for Apache HttpClient 4.3?
All the answers that I have found on SO treat previous versions, and the API changed.
Related:
Edit:
The code below works for trusting self-signed certificates. You have to use the TrustSelfSignedStrategy when creating your client:
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
builder.build());
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(
sslsf).build();
HttpGet httpGet = new HttpGet("https://some-server");
CloseableHttpResponse response = httpclient.execute(httpGet);
try {
System.out.println(response.getStatusLine());
HttpEntity entity = response.getEntity();
EntityUtils.consume(entity);
} finally {
response.close();
}
I did not include the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
on purpose: The point was to allow testing with self signed certificates so you don't have to acquire a proper certificate from a certification authority. You can easily create a self-signed certificate with the correct host name, so do that instead of adding the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
flag.
I had to add the argument SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER to the constructor to get this working with the HttpClientBuilder (as mentioned in holmis83's response to vasekt).
also refer to the example on the httpclient site hc.apache.org/httpcomponents-client-4.3.x/httpclient/examples/…
I also had to use the ALLOW_ALL_HOSTNAME_VERIFIER: SSLConnectionSocketFactory(builder.build(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
This code works for me without using deprecated constructor with argument
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
I wish you had specified full reference of the class you were using. Multiple classes called
SSLContextBuilder
are found by Idea.