@eeichinger
Last active June 28, 2018 08:15
Apache HttpClient 4.5.x usage with NTLM proxy authentication, ignoring SSL certificate and hostname validation
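/**
 * Sends a GET request through an NTLM-authenticating proxy and asserts an HTTP 200 response.
 *
 * <p>The TLS setup below accepts every certificate chain and every hostname, so the remote
 * peer is not authenticated at all. That is only acceptable against a test endpoint; keep
 * this configuration out of production clients.
 *
 * @throws Exception if building the SSL context or executing the request fails
 */
@Test
public void fetch_something() throws Exception {
    URI uri = UriBuilder.fromPath(path)
        .resolveTemplates(ImmutableMap.<String, Object>builder()
            .put("country", VALID_COUNTRY)
            .put("language", VALID_LANGUAGE)
            .build()
        )
        .build();

    // Only NTLM is registered, so the client cannot be negotiated down to another scheme.
    Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create()
        .register(AuthSchemes.NTLM, new NTLMSchemeFactory())
        // .register(AuthSchemes.BASIC, new BasicSchemeFactory())
        // .register(AuthSchemes.DIGEST, new DigestSchemeFactory())
        // .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory())
        // .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory())
        .build();

    HttpHost proxy = new HttpHost("my-proxy.example.com", 3128);

    // Bind the credentials to the proxy only. AuthScope.ANY would let the client answer an
    // authentication challenge from any host, including the unverified TLS endpoint below.
    // "myuser"/"mypassword" are placeholders; supply real values from outside the source tree.
    BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(
        new AuthScope(proxy.getHostName(), proxy.getPort()),
        new NTCredentials("myuser", "mypassword", null, "domain"));

    HttpClientBuilder b = HttpClientBuilder.create()
        .useSystemProperties()
        .setDefaultAuthSchemeRegistry(authSchemeRegistry)
        .setDefaultCredentialsProvider(credsProvider);

    // Trust strategy that accepts every certificate chain: certificate validation is disabled.
    SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
        @Override
        public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType)
                throws java.security.cert.CertificateException {
            return true;
        }
    }).build();
    // Kept from the original; once a connection manager is set explicitly, the socket
    // factory registered on that manager is what the client uses for "https".
    b.setSSLContext(sslContext);

    // Hostname verification is disabled as well.
    // -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier() to keep hostname checks.
    HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

    // The weakened trust strategy only takes effect through an SSL socket factory that is
    // registered for "https" on the connection manager.
    SSLConnectionSocketFactory sslSocketFactory =
        new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
    Registry<ConnectionSocketFactory> socketFactoryRegistry =
        RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory())
            .register("https", sslSocketFactory)
            .build();

    // Pooling connection manager built on that registry; allows multi-threaded use.
    PoolingHttpClientConnectionManager connMgr =
        new PoolingHttpClientConnectionManager(socketFactoryRegistry);
    b.setConnectionManager(connMgr);

    HttpGet httpGet = new HttpGet(uri);
    httpGet.setConfig(RequestConfig.custom()
        .setAuthenticationEnabled(true)
        .setProxyPreferredAuthSchemes(Arrays.asList("NTLM"))
        .build());
    httpGet.addHeader("X-Trace-Id", TRACE_ID);

    // Close the client and the response even when the assertion fails, so that pooled
    // connections and sockets are not leaked between tests.
    try (CloseableHttpClient httpclient = b
            .setProxy(proxy)
            .setProxyAuthenticationStrategy(ProxyAuthenticationStrategy.INSTANCE)
            .build();
         CloseableHttpResponse response = httpclient.execute(httpGet)) {
        // Reading the entity drains the body; the content itself is not asserted on.
        String responseContent = EntityUtils.toString(response.getEntity());
        assertThat("response status code equals 200",
            response.getStatusLine().getStatusCode(), equalTo(200));
    }
}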