Skip to content

Instantly share code, notes, and snippets.

@patelm5
Created February 5, 2014 10:31
Show Gist options
  • Save patelm5/8820842 to your computer and use it in GitHub Desktop.
Save patelm5/8820842 to your computer and use it in GitHub Desktop.
Example of overridding self signed cert process in spring.
@Component
@Profile("untrusted")
public class SelfSignedTrustCertConfigurer {
private final static Logger logger = LoggerFactory.getLogger(SelfSignedTrustCertConfigurer.class.getName());
@PostConstruct
public void allowUntrustedCerts() {
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
logger.warn("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
return true;
}
};
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
} };
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);
} catch (Exception e) {
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment