Apache HttpClient Error: javax.net.ssl.SSLPeerUnverifiedException: Peer Not Authenticated

Question

I'm trying to configure org.apache.http.client.HttpClient to work with https. This is the client configuration:

TrustManager[] trustManagers = new TrustManager[] { new DummyTrustManager() };

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, null);

SSLSocketFactory sf = new SSLSocketFactory(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

Scheme scheme = new Scheme("https", 443, sf);
SchemeRegistry registry = new SchemeRegistry();
registry.register(scheme);

ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager(registry);

DefaultHttpClient client = new DefaultHttpClient(cm, httpParameters);

This is the code of DummyTrustManager:

public static class DummyTrustManager implements X509TrustManager {

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
}

And when I send request, I get

 `javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated`

What could be the problem?

Answer 1

You also need to adjust the TrustStrategy:

TrustStrategy acceptingTrustStrategy = new TrustStrategy() {
    @Override
    public boolean isTrusted(X509Certificate[] certificate, String authType) {
        return true;
    }
};
SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
...

see a full example at: http://www.baeldung.com/httpclient-ssl