fun testIgnoreSSL(url: String) {
val trustAllCerts = arrayOf<TrustManager>(object : X509TrustManager {
override fun getAcceptedIssuers(): Array<X509Certificate>? = null
override fun checkClientTrusted(certs: Array<X509Certificate>, authType: String) {}
override fun checkServerTrusted(certs: Array<X509Certificate>, authType: String) {}
})
val sslContext: SSLContext = SSLContext.getInstance("TLS")
sslContext.init(null, trustAllCerts, SecureRandom())
val httpClient = HttpClient.newBuilder()
.connectTimeout(Duration.ofMillis(10000))
.sslContext(sslContext) // SSL context 'sc' initialised as earlier
.build()
val requestBuilder = HttpRequest.newBuilder()
.uri(URI.create(url))
.GET()
.build()
val response = httpClient.send(requestBuilder, HttpResponse.BodyHandlers.ofString()); // sends the request
println(response.body())
}Allow insecure SSL in Java 11 HttpClient
Carvia Tech | November 24, 2019 | 1 min read | 41 views
We will learn how to allow insecure SSL connections (expired certificate, self-signed certificates) in Java 11 HttpClient.
There could be various reasons for bad SSL - expired SSL certificate, wrong host in SSL certificate, self-signed certificate, untrusted root certificate, revoked certificate, weak key used for certificate, etc.
Using SSL Context settings
We will create and initialize an instance of SSLContext that accepts all SSL certificates without any kind of verification. Such SSL context shall never be used in production environment.
Java 11 HttpClient with Insecure SSLContext
Disabling the host verification
If we just want to disable a particular check for hostname verification, then we can use either of the two below mentioned approaches:
Using command line argument to JVM
-Djdk.internal.httpclient.disableHostnameVerification
Programmatically setting the property before httpclient instance creation
val props = System.getProperties()
props.setProperty("jdk.internal.httpclient.disableHostnameVerification", "true")
//TODO: Initialize the HttpClient nowThat’s all.
Top articles in this category:
- Diamond Problem of Inheritance in Java 8
- Is Java Pure Object Oriented Language?
- can we write a java method that swaps two integers
- Difference between Comparable and Comparator in Java
- What is ThreadLocal in Java, where will you use this class
- What is Deadlock in Java? How to troubleshoot and how to avoid deadlock
- What do you understand by Java Memory Model?
Find more on this topic:
Core Java
Core Java - OOP Concepts, Garbage Collection, Multi-threading, Collections Framework, Java 8 Features, Lambda Functions, Streams.
Last updated 1 week ago
Recommended books for interview preparation:
You may also be interested in..
You may also be interested in..
You may also be interested in..
You may also be interested in..
Similar Posts
- Explain Java Exception Class Hierarchy
- Http download using Java NIO FileChannel
- CRC32 checksum calculation Java NIO
- Set precision and scale for a double value in java
- Difference between HashMap, LinkedHashMap and TreeMap
- What is difference between ExecutorService submit and execute method
- What is left shift right shift and unsigned rght shift operator in Java
- What happens when wait() & notify() method are called
- can we write a java method that swaps two integers
- Find missing numbers in 4 billion unique numbers with 50MB RAM
Free Email Updates
Enter your email address to subscribe to this blog and receive notifications of new posts by email.