How to ignore SSL certificate errors in Apache HttpComponents HttpClient 5.1

Question

How do I bypass certificate verification errors with Apache HttpComponents HttpClient 5.1?

I've found a working solution to bypass such errors in HttpClient 4.5 that suggests customizing HttpClient instance:

HttpClient httpClient = HttpClients
            .custom()
            .setSSLContext(new SSLContextBuilder().loadTrustMaterial(null, TrustAllStrategy.INSTANCE).build())
            .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
            .build();

But it is not applicable to HttpClient 5.1, as setSSLContext and setSSLHostnameVerifier methods do not exist in HttpClientBuilder (which HttpClients.custom() returns).

ok2c · Accepted Answer

There are several specialized builders in HC 5.1 that can be used to do the same:

CloseableHttpClient httpclient = HttpClients.custom()
        .setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create()
                .setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create()
                        .setSslContext(SSLContextBuilder.create()
                                .loadTrustMaterial(TrustAllStrategy.INSTANCE)
                                .build())
                        .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                        .build())
                .build())
        .build();

UPDATE: For HC version 5.4 please see Travis Schneeberger answer.

How to ignore SSL certificate errors in Apache HttpComponents HttpClient 5.1

Answers (2)

Related Questions