0

Initially I want my program to ignore the ssl certificate validation since my program will contact the exposed web services in HTTPS. I have read quite lot of available solution in StackOverFlow and modified my program until this stage.
This is the first solution I tested
This is the second solution I tested

        SSLContext sslContext = SSLContext.getInstance("SSL");

        // set up a TrustManager that trusts everything
        sslContext.init(null, new TrustManager[] { new X509TrustManager() {
                public X509Certificate[] getAcceptedIssuers() {
                    System.out.println("getAcceptedIssuers =============");
                    return null;
                }

                public void checkClientTrusted(X509Certificate[] certs,
                            String authType) {
                    System.out.println("checkClientTrusted =============");
                }

                public void checkServerTrusted(X509Certificate[] certs,
                            String authType) {
                    System.out.println("checkServerTrusted =============");
                }
        } }, new SecureRandom());

        SSLSocketFactory sf = new SSLSocketFactory(sslContext);
        Scheme httpsScheme = new Scheme("https", 443, sf);
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(httpsScheme);

        // apache HttpClient version >4.2 should use BasicClientConnectionManager
        ClientConnectionManager cm = new SingleClientConnManager(schemeRegistry);
        HttpClient HttpClient1 = new DefaultHttpClient(cm);       
        HttpPost httpPost = new HttpPost("https://<ServerIP>:<Port>");



When I executed the code,it's show me a lot of the class had been deprecated where you can seen under this section 

test1.java:27: warning: [deprecation] ClientConnectionManager in org.apache.http.conn has been deprecated
import org.apache.http.conn.ClientConnectionManager;
                           ^
test1.java:28: warning: [deprecation] SingleClientConnManager in org.apache.http.impl.conn has been deprecated
import org.apache.http.impl.conn.SingleClientConnManager;
                                ^
test1.java:29: warning: [deprecation] DefaultHttpClient in org.apache.http.impl.client has been deprecated
import org.apache.http.impl.client.DefaultHttpClient;
                                  ^
test1.java:260: error: SSLSocketFactory is abstract; cannot be instantiated
        SSLSocketFactory sf = new SSLSocketFactory(sslContext);
                              ^
test1.java:261: warning: [deprecation] Scheme in org.apache.http.conn.scheme has been deprecated
        Scheme httpsScheme = new Scheme("https", 443, sf);
        ^
test1.java:261: warning: [deprecation] Scheme in org.apache.http.conn.scheme has been deprecated
        Scheme httpsScheme = new Scheme("https", 443, sf);
                                 ^
test1.java:261: error: no suitable constructor found for Scheme(String,int,SSLSocketFactory)
        Scheme httpsScheme = new Scheme("https", 443, sf);
                             ^
    constructor Scheme.Scheme(String,int,SchemeSocketFactory) is not applicable
      (argument mismatch; SSLSocketFactory cannot be converted to SchemeSocketFactory)
    constructor Scheme.Scheme(String,SocketFactory,int) is not applicable
      (argument mismatch; int cannot be converted to SocketFactory)
test1.java:262: warning: [deprecation] SchemeRegistry in org.apache.http.conn.scheme has been deprecated
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        ^
test1.java:262: warning: [deprecation] SchemeRegistry in org.apache.http.conn.scheme has been deprecated
        SchemeRegistry schemeRegistry = new SchemeRegistry();
                                            ^
test1.java:266: warning: [deprecation] ClientConnectionManager in org.apache.http.conn has been deprecated
        ClientConnectionManager cm = new SingleClientConnManager(schemeRegistry);
        ^
test1.java:266: warning: [deprecation] SingleClientConnManager in org.apache.http.impl.conn has been deprecated
        ClientConnectionManager cm = new SingleClientConnManager(schemeRegistry);
                                         ^
test1.java:267: warning: [deprecation] DefaultHttpClient in org.apache.http.impl.client has been deprecated
        HttpClient HttpClient1 = new DefaultHttpClient(cm);



So far I don't have any CA certificate and self-sign certificate to solve this ssl problem, I try to ask my program to ignore the ssl validation since the web service will only use HTTPS because I tested with open source API software with HTTP and it's fail to work but if I try a HTTPS request without any ssl validation,it's work like expected. Please guide me this problem. These are the jar file that I used :

  • httpclient-4.4.jar
  • httpcore-4.4.1
  • javax-ssl-1_1.jar
  • java-rt-jar-stubs-1.5.0.jar
yumi
  • 153
  • 8
  • maybe this one helps: https://stackoverflow.com/questions/21257455/whats-an-easy-way-to-totally-ignore-ssl-with-java-url-connections – Aydin K. Jun 08 '17 at 11:02
  • thanks for ur link, do I need any self-sign cert put inside my java home ?? – yumi Jun 08 '17 at 11:10

0 Answers0