Get OkHttpClient which ignores all SSL errors.

GagSsl.java

  private static OkHttpClient getUnsafeOkHttpClient() {
    try {
      // Create a trust manager that does not validate certificate chains
      final TrustManager[] trustAllCerts = new TrustManager[] {
          new X509TrustManager() {
            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
              return null;
            }
          }
      };

      // Install the all-trusting trust manager
      final SSLContext sslContext = SSLContext.getInstance("SSL");
      sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
      // Create an ssl socket factory with our all-trusting manager
      final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

      OkHttpClient okHttpClient = new OkHttpClient();
      okHttpClient.setSslSocketFactory(sslSocketFactory);
      okHttpClient.setHostnameVerifier(new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
          return true;
        }
      });

      return okHttpClient;
    } catch (Exception e) {
      throw new RuntimeException(e);
    }
  }

Real trouble!!

@jbxberg Yes, your comment has been definitely useful.

I want ignore SLL ，but its not work，why？ who can help me ，

Caused by: java.lang.NullPointerException: Attempt to get length of null array at okhttp3.internal.tls.TrustRootIndex$BasicTrustRootIndex.<init>(TrustRootIndex.java:90) at okhttp3.internal.tls.TrustRootIndex.get(TrustRootIndex.java:48) at okhttp3.internal.tls.TrustRootIndex.get(TrustRootIndex.java:43) at okhttp3.internal.platform.Platform.buildCertificateChainCleaner(Platform.java:147) at okhttp3.internal.platform.AndroidPlatform.buildCertificateChainCleaner(AndroidPlatform.java:159) at okhttp3.internal.tls.CertificateChainCleaner.get(CertificateChainCleaner.java:41) at okhttp3.OkHttpClient$Builder.sslSocketFactory(OkHttpClient.java:602)

facing same problem.

+1 to @jbxberg, avoiding the java.lang.NullPointerException: Attempt to get length of null array error is as simple as replacing this:

@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
    return null;
}

with this:

@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
     return new java.security.cert.X509Certificate[0];
}

+1 @cpgree Good Job!

@cogree,

good job

I tweaked the code a bit to work with OkHttp3
https://gist.github.com/mefarazath/c9b588044d6bffd26aac3c520660bf40

Thanks mefarazath!

Ignores all SSL is bad idea.
Using https://network-security.haipq.com to get config ssl for Android

Thanks a lot! This works for me. Although ignoring all the SSL certificates are dangerous, but if we only use it for local development environment, it should be fine.

License?

I have this error.

java.lang.RuntimeException: java.lang.IllegalStateException: trustManager.acceptedIssuers must not be null
at com.example.advertiseapp.API_Package.RetrofitClientBase.getUnsafeOkHttpClient(RetrofitClientBase.java:103)
at com.example.advertiseapp.API_Package.RetrofitClientBase.getEmpConnectService(RetrofitClientBase.java:40)
at com.example.advertiseapp.API_Package.RetrofitClientBase.initInstance(RetrofitClientBase.java:33)
at com.example.advertiseapp.API_Package.RetrofitClientBase.getRetrofitInstance(RetrofitClientBase.java:29)
at com.example.advertiseapp.RegisterDeviceActivity.LogInApi(RegisterDeviceActivity.java:157)
at com.example.advertiseapp.RegisterDeviceActivity.access$000(RegisterDeviceActivity.java:56)
at com.example.advertiseapp.RegisterDeviceActivity$1.onClick(RegisterDeviceActivity.java:136)
at android.view.View.performClick(View.java:6597)
at android.view.View.performClickInternal(View.java:6574)
at android.view.View.access$3100(View.java:778)
at android.view.View$PerformClick.run(View.java:25885)
at android.os.Handler.handleCallback(Handler.java:873)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:193)
at android.app.ActivityThread.main(ActivityThread.java:6669)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)
Caused by: java.lang.IllegalStateException: trustManager.acceptedIssuers must not be null
at okhttp3.internal.platform.Platform.buildTrustRootIndex(Platform.kt:169)
at okhttp3.internal.platform.AndroidPlatform.buildTrustRootIndex(AndroidPlatform.kt:168)
at okhttp3.internal.platform.Platform.buildCertificateChainCleaner(Platform.kt:159)
at okhttp3.internal.platform.AndroidPlatform.buildCertificateChainCleaner(AndroidPlatform.kt:157)
at okhttp3.internal.tls.CertificateChainCleaner$Companion.get(CertificateChainCleaner.kt:42)
at okhttp3.OkHttpClient$Builder.sslSocketFactory(OkHttpClient.kt:728)
at com.example.advertiseapp.API_Package.RetrofitClientBase.getUnsafeOkHttpClient(RetrofitClientBase.java:92)
at com.example.advertiseapp.API_Package.RetrofitClientBase.getEmpConnectService(RetrofitClientBase.java:40) 
at com.example.advertiseapp.API_Package.RetrofitClientBase.initInstance(RetrofitClientBase.java:33) 
at com.example.advertiseapp.API_Package.RetrofitClientBase.getRetrofitInstance(RetrofitClientBase.java:29) 
at com.example.advertiseapp.RegisterDeviceActivity.LogInApi(RegisterDeviceActivity.java:157) 
at com.example.advertiseapp.RegisterDeviceActivity.access$000(RegisterDeviceActivity.java:56) 
at com.example.advertiseapp.RegisterDeviceActivity$1.onClick(RegisterDeviceActivity.java:136) 
at android.view.View.performClick(View.java:6597) 
at android.view.View.performClickInternal(View.java:6574) 
at android.view.View.access$3100(View.java:778) 
at android.view.View$PerformClick.run(View.java:25885) 
at android.os.Handler.handleCallback(Handler.java:873) 
at android.os.Handler.dispatchMessage(Handler.java:99) 
at android.os.Looper.loop(Looper.java:193) 
at android.app.ActivityThread.main(ActivityThread.java:6669) 
at java.lang.reflect.Method.invoke(Native Method) 
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493) 
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858) 

you are a life saver.

I have this error.

java.lang.RuntimeException: java.lang.IllegalStateException: trustManager.acceptedIssuers must not be null
at com.example.advertiseapp.API_Package.RetrofitClientBase.getUnsafeOkHttpClient(RetrofitClientBase.java:103)
...

Replace
@Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }

With
@Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[]{}; }

Hi @chalup Can u license your code to Apache 2.0 same as okhttp library?