Changes for page Web Services-How to Trust Any SSL Certificate
Last modified by Pascal Robert on 2007/09/03 19:33
From version 4.1
edited by Pascal Robert
on 2007/09/03 19:33
on 2007/09/03 19:33
Change comment:
There is no comment for this version
To version 5.1
edited by Pascal Robert
on 2007/09/03 19:33
on 2007/09/03 19:33
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -13,14 +13,14 @@ 13 13 14 14 But this can be painful, even more if the application must be tested with various servers using self-signed or bad defined certificate. And if a server is using a certificate with a hostname different from the one you use to test it, it will still fail. 15 15 16 -It's also possible to change the ##TrustManager##and##HostnameVerifier##in Java code, but the API did change from JDK 1.3 and 1.4. Unfortunately, the old deprecated##"com.sun.net.ssl"##package is still available, making setting of a custom##TrustManager##and##HostnameVerifier##a bit difficult.16 +It's also possible to change the {{code language="none"}}TrustManager{{/code}} and {{code language="none"}}HostnameVerifier{{/code}} in Java code, but the API did change from JDK 1.3 and 1.4. Unfortunately, the old deprecated {{code language="none"}}"com.sun.net.ssl"{{/code}} package is still available, making setting of a custom {{code language="none"}}TrustManager{{/code}} and {{code language="none"}}HostnameVerifier{{/code}} a bit difficult. 17 17 18 18 So I've created an utility class that allow relaxing of the SSL trust rules. Simply add it to a package, an application or a framework, and call: 19 19 20 -* ##SSLUtilities.trustAllHostnames()##to turn off the default hostname verification on HTTPS connection;21 -* ##SSLUtilities.trustAllHttpsCertificates()##to turn off the default certificate validation on HTTPS connection.20 +* {{code language="none"}}SSLUtilities.trustAllHostnames(){{/code}} to turn off the default hostname verification on HTTPS connection; 21 +* {{code language="none"}}SSLUtilities.trustAllHttpsCertificates(){{/code}} to turn off the default certificate validation on HTTPS connection. 22 22 23 -{{code title="SSLUtilities.java"}} 23 +{{code title="SSLUtilities.java" 0="java"}} 24 24 25 25 import java.security.GeneralSecurityException; 26 26 import java.security.SecureRandom;