Mercurial > hg > Blog
comparison content/Java/commons-httpclient-vs-self-signed-certs.md @ 18:ba3f2e5c6950
add a blog post on commons-httpclient
| author | Dirk Olmes <dirk@xanthippe.ping.de> |
|---|---|
| date | Thu, 03 Oct 2013 04:43:06 +0200 |
| parents | |
| children | 1d9382b0329b |
comparison
equal
deleted
inserted
replaced
| 17:cf946b015474 | 18:ba3f2e5c6950 |
|---|---|
| 1 Title: Apache commons-httpclient vs. self signed certificates | |
| 2 Date: 2013-10-03 | |
| 3 Tags: httpclient | |
| 4 Lang: en | |
| 5 | |
| 6 Recently I tried to retrieve HTML pages from a host that was using self signed HTTPS certificates. I used the excellent [Apache commons httpclient](http://hc.apache.org/httpcomponents-client-4.2.x/index.html) for the job. Their [tutorial](http://hc.apache.org/httpcomponents-client-4.2.x/tutorial/html/) is quite extensive and even gives examples about some customizations that can be made in the context of SSL. But being a good open source documentation, the tutorial only tells you the tiny details of tweaking individual settings, leaving the big picture for you to figure out. | |
| 7 | |
| 8 So how does all the talk about socket factories and SSLContext and friends go together with your [HttpClient](http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/client/HttpClient.html)? | |
| 9 | |
| 10 Let's assume you already have a HttpClient instance at hand: | |
| 11 | |
| 12 HttpClient client = new DefaultHttpClient(); | |
| 13 | |
| 14 Now let's configure all the socket factories and stuff that's required to make HTTPS traffic with self signed certificates work: | |
| 15 | |
| 16 TrustStrategy trustStrategy = new TrustSelfSignedStrategy(); | |
| 17 X509HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; | |
| 18 SchemeSocketFactory socketFactory = new SSLSocketFactory(trustStrategy, hostnameVerifier); | |
| 19 | |
| 20 And now let's put it all together: | |
| 21 | |
| 22 Scheme https = new Scheme("https", 443, socketFactory); | |
| 23 SchemeRegistry registry = client.getConnectionManager().getSchemeRegistry(); | |
| 24 registry.register(https); |