How to ignore SSL certificate errors in Apache HttpClient 4.0

Question

How do I bypass invalid SSL certificate errors with Apache HttpClient 4.0? Answer You need to create a SSLContext with your own TrustManager and create HTTPS scheme using this context. Here is the code,

Accepted Answer

You need to create a SSLContext with your own TrustManager and create HTTPS scheme using this context. Here is the code,SSLContext sslContext = SSLContext.getInstance("SSL");// set up a TrustManager that trusts everythingsslContext.init(null, new TrustManager[] { new X509TrustManager() {            public X509Certificate[] getAcceptedIssuers() {                    System.out.println("getAcceptedIssuers =============");                    return null;            }            public void checkClientTrusted(X509Certificate[] certs,                            String authType) {                    System.out.println("checkClientTrusted =============");            }            public void checkServerTrusted(X509Certificate[] certs,                            String authType) {                    System.out.println("checkServerTrusted =============");            }} }, new SecureRandom());SSLSocketFactory sf = new SSLSocketFactory(sslContext);Scheme httpsScheme = new Scheme("https", 443, sf);SchemeRegistry schemeRegistry = new SchemeRegistry();schemeRegistry.register(httpsScheme);// apache HttpClient version >4.2 should use BasicClientConnectionManagerClientConnectionManager cm = new SingleClientConnManager(schemeRegistry);HttpClient httpClient = new DefaultHttpClient(cm);

Advertisement

Answer