diff --git a/libraries-http-2/src/main/java/com/baeldung/okhttp/ssl/TrustAllCertsClient.java b/libraries-http-2/src/main/java/com/baeldung/okhttp/ssl/TrustAllCertsClient.java new file mode 100644 index 0000000000..778ffb1302 --- /dev/null +++ b/libraries-http-2/src/main/java/com/baeldung/okhttp/ssl/TrustAllCertsClient.java @@ -0,0 +1,46 @@ +package com.baeldung.okhttp.ssl; + +import okhttp3.OkHttpClient; +import okhttp3.Request; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.io.IOException; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; + +public class TrustAllCertsClient { + + public static OkHttpClient getTrustAllCertsClient() throws NoSuchAlgorithmException, KeyManagementException { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + @Override + public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) { + } + + @Override + public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) { + } + + @Override + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return new java.security.cert.X509Certificate[]{}; + } + } + }; + + SSLContext sslContext = SSLContext.getInstance("SSL"); + sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); + + OkHttpClient.Builder newBuilder = new OkHttpClient.Builder(); + newBuilder.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustAllCerts[0]); + newBuilder.hostnameVerifier((hostname, session) -> true); + return newBuilder.build(); + } + + public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException { + OkHttpClient newClient = getTrustAllCertsClient(); + newClient.newCall(new Request.Builder().url("https://expired.badssl.com/").build()).execute(); + } +}