Reputation: 152
How to get Remote server untrusted SSL certificate using Apache HTTP Client API
I have a remote server which may or may not be running using a valid SSL cert (using self-signed SSL cert).
We are making connection to remote server, which may fail if remote server is using self-signed SSL cert. So, we want to be able to download/view the remote server cert if our SSL handshake fails.
If I use Apache HTTP Client then I couldn't find a method which could allow me to view remote server certificate (you can do it with HttpsURLConnection but we are trying to avoid using it see this example).
I also looked into Spring RestTemplate, and it didn't provide any option either - I searched on Google and didn't find anything around Spring or Apache HTTP Client.
Upvotes: 0
Views: 393
Answers (1)
Reputation: 27528
This should give you pretty much a complete control over the process of trust verification.
SSLContext sslContext = SSLContextBuilder.create()
.loadTrustMaterial((chain, authType) -> {
for (X509Certificate cert: chain) {
System.out.println(cert.getSubjectDN());
}
// Let the standard trust managers decide
// whether or not the cert chain is trusted
return false;
})
.build();
CloseableHttpClient client = HttpClientBuilder.create()
.setSSLContext(sslContext)
.build();
Upvotes: 1
Related Questions
- Trusting all certificates using HttpClient over HTTPS
- How do I pass the client certificate with HTTP client?
- How do I use an SSL client certificate with Apache HttpClient?
- Apache Http Client SSL certificate error
- SSL in HttpClient
- How to use HttpClient with ANY ssl cert, no matter how "bad" it is
- Apache HttpClient get server certificate
- HttpClient 403 error when using valid client certificate
- HTTP Client with https
- Using HttpClient with SSL and certificates