Mercurial > hg > Blog
view content/Java/commons-httpclient-vs-self-signed-certs.md @ 112:cf31bf5fce72 default tip
Author of the blog post as mail header for efficient spam filtering
| author | Dirk Olmes <dirk.olmes@codedo.de> |
|---|---|
| date | Tue, 06 Sep 2022 07:04:11 +0200 |
| parents | 1d9382b0329b |
| children |
line wrap: on
line source
Title: Apache commons-httpclient vs. self signed certificates Date: 2013-10-03 Tags: httpclient Lang: en Recently I tried to retrieve HTML pages from a host that was using self signed HTTPS certificates. I used the excellent [Apache commons httpclient](http://hc.apache.org/httpcomponents-client-4.2.x/index.html) for the job. Their [tutorial](http://hc.apache.org/httpcomponents-client-4.2.x/tutorial/html/) is quite extensive and even gives examples about some customizations that can be made in the context of SSL. But being a good open source documentation, the tutorial only tells you the tiny details of tweaking individual settings, leaving the big picture for you to figure out. So how does all the talk about socket factories and SSLContext and friends go together with your [HttpClient](http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/client/HttpClient.html)? Let's assume you already have a HttpClient instance at hand: :::java HttpClient client = new DefaultHttpClient(); Now let's configure all the socket factories and stuff that's required to make HTTPS traffic with self signed certificates work: :::java TrustStrategy trustStrategy = new TrustSelfSignedStrategy(); X509HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SchemeSocketFactory socketFactory = new SSLSocketFactory(trustStrategy, hostnameVerifier); And now let's put it all together: :::java Scheme https = new Scheme("https", 443, socketFactory); SchemeRegistry registry = client.getConnectionManager().getSchemeRegistry(); registry.register(https);