Mercurial > hg > Blog
view content/Java/commons-httpclient-vs-self-signed-certs.md @ 71:6e8d97e43bd7
Automated merge with ssh://xanthippe//home/dirk/Projekte/Blog
author | Dirk Olmes <dirk@xanthippe.ping.de> |
---|---|
date | Sat, 02 Jan 2016 03:18:12 +0100 |
parents | ba3f2e5c6950 |
children | 1d9382b0329b |
line wrap: on
line source
Title: Apache commons-httpclient vs. self signed certificates Date: 2013-10-03 Tags: httpclient Lang: en Recently I tried to retrieve HTML pages from a host that was using self signed HTTPS certificates. I used the excellent [Apache commons httpclient](http://hc.apache.org/httpcomponents-client-4.2.x/index.html) for the job. Their [tutorial](http://hc.apache.org/httpcomponents-client-4.2.x/tutorial/html/) is quite extensive and even gives examples about some customizations that can be made in the context of SSL. But being a good open source documentation, the tutorial only tells you the tiny details of tweaking individual settings, leaving the big picture for you to figure out. So how does all the talk about socket factories and SSLContext and friends go together with your [HttpClient](http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/client/HttpClient.html)? Let's assume you already have a HttpClient instance at hand: HttpClient client = new DefaultHttpClient(); Now let's configure all the socket factories and stuff that's required to make HTTPS traffic with self signed certificates work: TrustStrategy trustStrategy = new TrustSelfSignedStrategy(); X509HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SchemeSocketFactory socketFactory = new SSLSocketFactory(trustStrategy, hostnameVerifier); And now let's put it all together: Scheme https = new Scheme("https", 443, socketFactory); SchemeRegistry registry = client.getConnectionManager().getSchemeRegistry(); registry.register(https);