Any Apache HttpClient 4.4 Example for trust self signed certificates
Solution 1
Thanks for reply, I found a sample code as below
SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(null,
new TrustSelfSignedStrategy()).build();
// Allow TLSv1 protocol only, use NoopHostnameVerifier to trust self-singed cert
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,
new String[] { "TLSv1" }, null, new NoopHostnameVerifier());
//do not set connection manager
httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
HttpPost httpPost = new HttpPost(url);
RequestConfig defaultRequestConfig = RequestConfig
.custom()
.setCookieSpec(CookieSpecs.DEFAULT)
.setExpectContinueEnabled(true)
.setTargetPreferredAuthSchemes(
Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST))
.setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).build();
RequestConfig requestConfig = RequestConfig.copy(defaultRequestConfig)
.setSocketTimeout(TIME_OUT).setConnectTimeout(TIME_OUT)
.setConnectionRequestTimeout(TIME_OUT).build();
httpPost.setConfig(requestConfig);
httpPost.setHeader("Content-type", "application/json");
StringEntity mEntity = new StringEntity(arg, "UTF-8");
mEntity.setContentType("application/json;charset=UTF-8");
mEntity.setContentEncoding(new BasicHeader(HTTP.CONTENT_TYPE,
"application/json;charset=UTF-8"));
httpPost.setEntity(mEntity);
response = httpclient.execute(httpPost);
Solution 2
I could successfully disable the certificate verification (remember, it's insecure), by using the Alin's answer, but I had to modify his code this way:
SSLContext sslcontext =
SSLContexts
.custom ()
.loadTrustMaterial (
null,
new TrustStrategy ()
{
public boolean isTrusted ( X509Certificate[] chain, String authType ) throws CertificateException {
return true;
}
})
.build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory (
sslcontext, null, null, new NoopHostnameVerifier ()
);
HttpClient httpClient = HttpClients
.custom()
.setSSLSocketFactory ( sslsf )
.build();
...
As you can see, I use the most liberal TrustStrategy
possible, because TrustSelfSignedStrategy
was giving me "unable to find valid certification path to requested target". Moreover, it seems I don't need to pass new String[] { "TLSv1" }
to SSLConnectionSocketFactory
, null
should be interpreted as "all protocols".
This is now available here, which you can link from Maven, through the repo reported here.
Solution 3
i work with httpclient 4.5.2, you can use following code to bypass certificate verification, hope this helps
CloseableHttpClient client = HttpClients.custom()
.setSSLContext(sslContext)
.setSSLHostnameVerifier(new NoopHostnameVerifier())
.build();
HttpPost post = new HttpPost(url);
//set post headers and params
post.setHeader(....);
HttpResponse response = client.execute(post);
Solution 4
As far as I know (I used 4.3), the following ought to work:
....
SSLContext sslContext = SSLContexts.custom()
.loadTrustMaterial((KeyStore)null, new TrustSelfSignedStrategy())
//I had a trust store of my own, and this might not work!
.build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
CloseableHttpClient httpclient = HttpClients
.custom()
.setHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.setSSLSocketFactory(sslsf).build();
CloseableHttpResponse response = httpclient.execute(httpUriRequest);
try {
HttpEntity entity = response.getEntity();
//do things
if(entity != null) {
entity.consumeContent();
}
} finally {
response.close();
}
....
Admin
Updated on June 05, 2022Comments
-
Admin almost 2 years
I changed
HttpClient
version from old version to the new4.4
.And got many deprecated method and Class. The original codes can trust self signed certificates and I want to replace to new method and Class.
Could any one give me a guide line how to replace or any example code?
Thank you.
-
EpicPandaForce almost 9 yearsplease use
try-catch-finally
whereever appropriate. -
Zilev av about 8 yearswhat does exactly mean this null value in this call? "SSLContexts.custom().loadTrustMaterial(null, ..." Regards