HTTP Resteasy client SSL trust all certificate

java ssl jboss resteasy

11,463

A bit late, but look here: https://stackoverflow.com/a/22444115/1328942

private DefaultHttpClient createAllTrustingClient() throws GeneralSecurityException {
        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));

        TrustStrategy trustStrategy = new TrustStrategy() {

            @Override
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                LOG.info("Is trusted? return true");
                return true;
            }
        };

        SSLSocketFactory factory = new SSLSocketFactory(trustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        registry.register(new Scheme("https", 443, factory));

        ThreadSafeClientConnManager mgr = new ThreadSafeClientConnManager(registry);
        mgr.setMaxTotal(1000);
        mgr.setDefaultMaxPerRoute(1000);

        DefaultHttpClient client = new DefaultHttpClient(mgr, new DefaultHttpClient().getParams());
        return client;
    }

And this is how it works:

@Test
public void testCatchingTheUnknownHostException() throws Exception {
    ApacheHttpClient4Executor apacheHttpClient4Executor = new ApacheHttpClient4Executor(
            createAllTrustingClient());

    ClientRequest clientRequest = new ClientRequest(host, apacheHttpClient4Executor);
}

Tested it with Resteasy 2.3.2.Final (Jboss 7.1.1)

11,463

Author by

thermz

Java Typesafe DSL Jesus

Updated on June 05, 2022

Comments

thermz almost 2 years
I searched any possible solution to trust all certificate using Resteasy client, but I could not find a single working solution. I'm beginning to think that there is no way to do this using Resteasy 2.2.1.

Now, this is a sample of what I've done so far for a normal HTTP connection using resteasy client setting a proxy:
```
org.apache.commons.httpclient.HttpClient hc = new HttpClient();
ApacheHttpClientExecutor ace;
String proxyhost  = getProperty("proxyHost");
Integer proxyport = getProperty("proxyPort", Integer.class);
boolean useProxy = (proxyhost != null);
if(useProxy){
    hc.getHostConfiguration().setProxy(proxyhost, proxyport);
    ace = new ApacheHttpClientExecutor(hc);
} else {
    ace = new ApacheHttpClientExecutor();
}
ClientRequestFactory crf = new ClientRequestFactory(ace,uri);
```
Now, how can I tell to my ClientRequestFactory or my ApacheHttpClientExecutor or my HttpClient to trust all certificate?

Beware: I'm using Resteasy 2.2.1 (JBoss 5.1) I can't migrate to JBoss 7 or use a different resteasy version so I can't accept any answer that uses ResteasyClientBuilder

I can already see the good guy that answer "You shouldn't trust all certificate, it's evil!". This is an HTTP client used for Integration test, so it's pointless to consider (at this test level) the SSL certificate. I will absolutely not do this in production.
thermz over 9 years

Thanks for the response, however the question was about Resteasy 2.2.1
Kescha Skywalker over 9 years

The link is for 3* version, but my code is for the 2.3.2. it's the same major version, are the differences that big?