CODEWITHSUNDEEP
javaandroidssl
Dikobraz
Dikobraz

Reputation: 659

How do I accept an expired ssl certificate with Apache client?

I'm trying to make DefaultHttpClient() work with expired SSL certificate.

Android API 2.2

It won't compile because of this line:

SSLSocketFactory sf = new SSLSocketFactory(sslContext);

Error: The constructor SSLSocketFactory(SSLContext) is undefined

What am I doing wrong?

    import javax.net.ssl.SSLContext;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;
    import org.apache.http.conn.ssl.SSLSocketFactory;
    {...}

        SSLContext sslContext = SSLContext.getInstance("SSL");

        // set up a TrustManager that trusts everything
        sslContext.init(null, new TrustManager[] { new X509TrustManager() {
                    public X509Certificate[] getAcceptedIssuers() {
                            System.out.println("getAcceptedIssuers =============");
                            return null;
                    }

                    public void checkClientTrusted(X509Certificate[] certs,
                                    String authType) {
                            System.out.println("checkClientTrusted =============");
                    }

                    public void checkServerTrusted(X509Certificate[] certs,
                                    String authType) {
                            System.out.println("checkServerTrusted =============");
                    }
        } }, new SecureRandom());

        SSLSocketFactory sf = new SSLSocketFactory(sslContext);
        Scheme httpsScheme = new Scheme("https", sf, 443);
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(httpsScheme);

        HttpParams params = new BasicHttpParams();
        ClientConnectionManager cm = new SingleClientConnManager(params, schemeRegistry);

        //DefaultHttpClient httpclient = new DefaultHttpClient();
        DefaultHttpClient httpclient = new DefaultHttpClient(cm, params);

Upvotes: 2

Views: 1926

Answers (2)

Saad Farooq
Saad Farooq

Reputation: 13402

You didn't do anything wrong (except perhaps using some standard Java code).

It appears that the Android implementation of the Apache SSLSocketFactory class does not implement all the constructors of the original Apache SSLSocketFactory class

You'll just have to improvise.

Upvotes: 0

Marvin Pinto
Marvin Pinto

Reputation: 30980

Looking through the documentation for SSLSocketFactory, there doesn't appear to be a constructor:

SSLSocketFactory(javax.net.ssl.SSLContext)

The available constructors are:

SSLSocketFactory(String algorithm, KeyStore keystore, String keystorePassword, KeyStore truststore, SecureRandom random, HostNameResolver nameResolver)
SSLSocketFactory(KeyStore keystore, String keystorePassword, KeyStore truststore)
SSLSocketFactory(KeyStore keystore, String keystorePassword)
SSLSocketFactory(KeyStore truststore)

Am I missing something here?

See also javax.net.ssl.SSLContext

Upvotes: 1

Related Questions