iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

BAEL-4858] Trusting all certificates using OkHttp (#11284) 

* Trusting all certificates using OkHttp

* refactor

Co-authored-by: tienvn4 <tienvn4@ghtk.co>
This commit is contained in:
vunamtien 2021-10-09 09:42:35 +07:00 committed by GitHub
parent 74532f3165
commit 8430e9eaa8
1 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
libraries-http-2/src/main/java/com/baeldung/okhttp/ssl/TrustAllCertsClient.java Normal file
View File

@ -0,0 +1,46 @@
package com.baeldung.okhttp.ssl;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
public class TrustAllCertsClient {
public static OkHttpClient getTrustAllCertsClient() throws NoSuchAlgorithmException, KeyManagementException {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
OkHttpClient.Builder newBuilder = new OkHttpClient.Builder();
newBuilder.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustAllCerts[0]);
newBuilder.hostnameVerifier((hostname, session) -> true);
return newBuilder.build();
}
public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException {
OkHttpClient newClient = getTrustAllCertsClient();
newClient.newCall(new Request.Builder().url("https://expired.badssl.com/").build()).execute();
}
}