A very common problem developers face while building client applications is the
If you are using a raw HttpUrlConnection, you can follow the guide provided at
Obsidian Scheduler - Ignoring Self Signed Certificates in Java.
But if you are using a client library like jersey or retrofit, you can follow this guide.
Jersey Client :-
Dependencies :-
Code :-
Dependencies :-
Code :-
java.security.cert.CertificateException: Untrusted Server Certificate Chain
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
If you are using a raw HttpUrlConnection, you can follow the guide provided at
Obsidian Scheduler - Ignoring Self Signed Certificates in Java.
But if you are using a client library like jersey or retrofit, you can follow this guide.
Jersey Client :-
Dependencies :-
'com.sun.jersey:jersey-client:1.9.1'
Code :-
import java.security.SecureRandom;Retrofit:-
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
@SuppressWarnings("unused")
public class ClientHelper {
public static ClientConfig configureClient() {
TrustManager[] certs = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
@Override
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
} };
SSLContext ctx = null;
try {
ctx = SSLContext.getInstance("TLS");
ctx.init(null, certs, new SecureRandom());
} catch (java.security.GeneralSecurityException ex) {
}
HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
ClientConfig config = new DefaultClientConfig();
try {
config.getProperties().put(
HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
new HTTPSProperties(new HostnameVerifier() {
@Override
public boolean verify(String hostname,
SSLSession session) {
return true;
}
}, ctx));
} catch (Exception e) {
}
return config;
}
public static Client createClient() {
return Client.create(ClientHelper.configureClient());
}
}
Dependencies :-
'com.squareup.retrofit:retrofit:1.6.1'
'com.squareup.okhttp:okhttp:2.0.0'
'com.squareup.okhttp:okhttp-urlconnection:2.0.0'
Code :-
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import retrofit.RestAdapter;
import retrofit.client.OkClient;
import com.squareup.okhttp.OkHttpClient;
@SuppressWarnings("unused")
public class ProcessorHelper {
private final static Logger logger = LoggerFactory
.getLogger(ProcessorHelper.class);
@SuppressWarnings("null")
public static OkHttpClient configureClient(final OkHttpClient client) {
final TrustManager[] certs = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(final X509Certificate[] chain,
final String authType) throws CertificateException {
}
@Override
public void checkClientTrusted(final X509Certificate[] chain,
final String authType) throws CertificateException {
}
} };
SSLContext ctx = null;
try {
ctx = SSLContext.getInstance("TLS");
ctx.init(null, certs, new SecureRandom());
} catch (final java.security.GeneralSecurityException ex) {
}
try {
final HostnameVerifier hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(final String hostname,
final SSLSession session) {
return true;
}
};
client.setHostnameVerifier(hostnameVerifier);
client.setSslSocketFactory(ctx.getSocketFactory());
} catch (final Exception e) {
}
return client;
}
public static OkHttpClient createClient() {
final OkHttpClient client = new OkHttpClient();
return configureClient(client);
}
public static WebHookService createWebHookService(final String url) {
final OkHttpClient client = ProcessorHelper.createClient();
final RestAdapter restAdapter = new RestAdapter.Builder()
.setEndpoint(url).setClient(new OkClient(client)).build();
return restAdapter.create(WebHookService.class);
}
}