is there any way to force jetty (which runs on maven) to ignore ssl handshake problem? currently my machine has self signed certificate. it makes problem when my jetty gets https request from other machine (perhaps my setting is wrong, though). i don't need the ssl certificate to be foolproof, though. because my machine is just a development machine.
Asked
Active
Viewed 982 times
0
-
Are you facing a problem similar to the one discussed [here](http://stackoverflow.com/questions/2215550/mavens-jetty-plugin-ssl-configuration-issue)? – Raghuram Aug 06 '12 at 12:19
-
no, my error is as following: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown – fajrian Aug 07 '12 at 03:29
-
What are you doing when you get that error? – Kkkev Aug 22 '12 at 21:36
-
@Kkkev I have 2 instances. 1 server instance (with self signed ssl certificate) and 1 client instance (which tries to access https page in the server instance). In the end, I hardcoded in my client code so that it accepts my server's self signed ssl certificate (http://stackoverflow.com/questions/5871279/java-ssl-and-cert-keystore). Ugly solution i must say, but it is probably indeed a reasonable decision by sun/oracle that i must not be able to easily turn blind eye on ssl certificate problem. – fajrian Aug 27 '12 at 04:29
1 Answers
1
you can use EasySSLProtocolSocketFactory from the apache commons library.
// EasySSLProtocolSocketFactory accepts all self-signed certs
Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
Protocol.registerProtocol("https", easyhttps); // all https connections will be affected
happymeal
- 1,373
- 14
- 24