Reputation: 2030
Trusting all certificates in java Websocket client
First of all, I'm aware of the possible risks of trusting all certificates, however for some test purposes I have to implement this.
How can I force my client to trust all certificates? I'm implementing with javax.websocket
All I've done is simply connecting to ws like
WebSocketContainer client = ContainerProvider.getWebSocketContainer();
try {
session = client.connectToServer(ClientImpl.class, URI.create(uri));
} catch (DeploymentException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
Upvotes: 4
Views: 4341
Answers (1)
Reputation: 138
I had the same problem. I haven't found any solution, but I was able to use a self-signed certificate.
I describe all the steps:
- Download the server certificate you want to connect, you can do it from your browser (in google chrome click right on the lock near the url of the page)
- Create a keystore with the following command (Remember password you entered)
keytool -import -alias localhost -file certificate_path -keystore your_new_keystore
I recommend you to use ClientManager instead of WebSocketContainer. This allows you to override the hostname verification.
My code
System.getProperties().put("javax.net.debug", "all"); //usefull to understand problems
System.getProperties().put(SSLContextConfigurator.KEY_STORE_FILE, your_new_keystore_path);
System.getProperties().put(SSLContextConfigurator.TRUST_STORE_FILE, your_new_keystore_path);
System.getProperties().put(SSLContextConfigurator.KEY_STORE_PASSWORD, the_password_you_entered);
System.getProperties().put(SSLContextConfigurator.TRUST_STORE_PASSWORD, the_password_you_enterede);
ClientManager client = ClientManager.createClient();
SslEngineConfigurator sslEngineConfigurator = new SslEngineConfigurator(new SslContextConfigurator());
sslEngineConfigurator.setHostVerificationEnabled(false); //skip host verification
client.getProperties().put(ClientProperties.SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator);
client.connectToServer(you_class_with_ws_methods, your_ws_uri);
you_class_with_ws_methods can be the same you use with WebSocketContainer Useful resources:
https://tyrus.java.net/documentation/1.10/user-guide.html#d0e1128 https://blogs.oracle.com/PavelBucek/entry/securing_websocket_applications_on_glassfish
Upvotes: 3
Related Questions
- How to give certificate to Java Websocket?
- Disable SSL certification in websocket java
- Java Secure Websocket - Load SSL context from TLS cert file and connect to WSS URI
- Websocket with Client Certificate
- WebSocket server get client certificate onOpen
- WebSocket SSL in JAVA
- Certificate for securing webscocket connection
- Accept server certificate for secured websocket connection
- Java 7 - SSL how to trust all certificates
- Websockets via secure http server with client certificate authentication