Skip to content

Instantly share code, notes, and snippets.

@duleitony
Forked from jabbrwcky/InsecureHttpClient.java
Created June 14, 2016 05:17
Show Gist options
  • Save duleitony/73f24cff442613eb488cb436c0d87285 to your computer and use it in GitHub Desktop.
Save duleitony/73f24cff442613eb488cb436c0d87285 to your computer and use it in GitHub Desktop.
A sample how to configure Apache HTTPClient (4.+) to accept SSL connections *without* certificate and hostname validation
package net.hausherr.sample;
import org.apache.http.client.CookieStore;
import org.apache.http.conn.routing.HttpRoute;
import org.apache.http.conn.routing.HttpRoutePlanner;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.cookie.Cookie;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.HttpContext;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.log4j.Logger;
/**
* <p>Sample factory for building a HttpClient that configures a HttpClient
* instance to store cookies and to accept SSLcertificates without HostName validation.</p>
* <p>You obviously should not use this class in production, but it may come handy when
* developing with internal Servers using self-signed certificates.</p>
*/
public class InsecureHttpClientFactory {
protected Logger log = Logger.getLogger(this.getClass());
public DefaultHttpClient build HttpClient() {
hc = new DefaultHttpClient();
configureProxy();
configureCookieStore();
configureSSLHandling();
return hc;
}
private void configureProxy() {
HttpHost proxy = new HttpHost("proxy.example.org", 3182);
hc.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
}
private void configureCookieStore() {
CookieStore cStore = new BasicCookieStore();
hc.setCookieStore(cStore);
}
private void configureSSLHandling() {
Scheme http = new Scheme("http", 80, PlainSocketFactory.getSocketFactory());
SSLSocketFactory sf = buildSSLSocketFactory();
Scheme https = new Scheme("https", 443, sf);
SchemeRegistry sr = hc.getConnectionManager().getSchemeRegistry();
sr.register(http);
sr.register(https);
}
private SSLSocketFactory buildSSLSocketFactory() {
TrustStrategy ts = new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
return true; // heck yea!
}
};
SSLSocketFactory sf = null;
try {
/* build socket factory with hostname verification turned off. */
sf = new SSLSocketFactory(ts, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
} catch (NoSuchAlgorithmException e) {
log.error("Failed to initialize SSL handling.", e);
} catch (KeyManagementException e) {
log.error("Failed to initialize SSL handling.", e);
} catch (KeyStoreException e) {
log.error("Failed to initialize SSL handling.", e);
} catch (UnrecoverableKeyException e) {
log.error("Failed to initialize SSL handling.", e);
}
return sf;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment