HTTP Resteasy client SSL trust all certificate

Question

I searched any possible solution to trust all certificate using Resteasy client, but I could not find a single working solution. I'm beginning to think that there is no way to do this using Resteasy 2.2.1.

Now, this is a sample of what I've done so far for a normal HTTP connection using resteasy client setting a proxy:

org.apache.commons.httpclient.HttpClient hc = new HttpClient();
ApacheHttpClientExecutor ace;
String proxyhost  = getProperty("proxyHost");
Integer proxyport = getProperty("proxyPort", Integer.class);
boolean useProxy = (proxyhost != null);
if(useProxy){
    hc.getHostConfiguration().setProxy(proxyhost, proxyport);
    ace = new ApacheHttpClientExecutor(hc);
} else {
    ace = new ApacheHttpClientExecutor();
}
ClientRequestFactory crf = new ClientRequestFactory(ace,uri);

Now, how can I tell to my ClientRequestFactory or my ApacheHttpClientExecutor or my HttpClient to trust all certificate?

Beware: I'm using Resteasy 2.2.1 (JBoss 5.1) I can't migrate to JBoss 7 or use a different resteasy version so I can't accept any answer that uses ResteasyClientBuilder

I can already see the good guy that answer "You shouldn't trust all certificate, it's evil!". This is an HTTP client used for Integration test, so it's pointless to consider (at this test level) the SSL certificate. I will absolutely not do this in production.

It's maybe duplicate with http://stackoverflow.com/questions/21257455/whats-an-easy-way-to-totally-ignore-ssl-with-java-url-connections/21257694#21257694 — Yasser Zamani, Jan 23 '14 at 15:00
No, it's not! Because I'm talking about Resteasy Client, not HTTPUrlConnection nor base Apache HttpClient, I already check those answer without finding any useful information — thermz, Jan 23 '14 at 15:03

score 2 · Answer 1 · edited May 23 '17 at 12:33

A bit late, but look here: https://stackoverflow.com/a/22444115/1328942

private DefaultHttpClient createAllTrustingClient() throws GeneralSecurityException {
        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));

        TrustStrategy trustStrategy = new TrustStrategy() {

            @Override
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                LOG.info("Is trusted? return true");
                return true;
            }
        };

        SSLSocketFactory factory = new SSLSocketFactory(trustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        registry.register(new Scheme("https", 443, factory));

        ThreadSafeClientConnManager mgr = new ThreadSafeClientConnManager(registry);
        mgr.setMaxTotal(1000);
        mgr.setDefaultMaxPerRoute(1000);

        DefaultHttpClient client = new DefaultHttpClient(mgr, new DefaultHttpClient().getParams());
        return client;
    }

And this is how it works:

@Test
public void testCatchingTheUnknownHostException() throws Exception {
    ApacheHttpClient4Executor apacheHttpClient4Executor = new ApacheHttpClient4Executor(
            createAllTrustingClient());

    ClientRequest clientRequest = new ClientRequest(host, apacheHttpClient4Executor);
}

Tested it with Resteasy 2.3.2.Final (Jboss 7.1.1)

Thanks for the response, however the question was about Resteasy 2.2.1 — thermz, Oct 24 '14 at 07:52
The link is for 3* version, but my code is for the 2.3.2. it's the same major version, are the differences that big? — Kescha Skywalker, Oct 24 '14 at 14:26

HTTP Resteasy client SSL trust all certificate

1 Answers1