Is it possible to disable ssl for https?

Question

Application on java. OkHttp version 2.7.5 is used. A request is made to another service and an error occurs.

SSLHandshakeException: sun.security.validator.ValidatorException: 
PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target

I do not have a certificate. It seems there are solutions for the version of okHttp3. But the version can not be changed. How to solve a problem?

Answer 1

Is it possible to disable ssl for https?

Literally, no.

Use of SSL is fundamental to the HTTPS protocol. If you don't want to use SSL at all, configure your server with an HTTP endpoint and use that instead of HTTPS.

Furthermore use of SSL requires a certificate that is (at least) syntactically well-formed. That is also fundamental to the HTTPS protocol.

Now if the problem is that your server certificate has expired, then a possible solution is to use the approach described in:

• Make a connection to a HTTPS server from Java and ignore the validity of the security certificate.

And if the problem is that you cannot get a proper certificate for the server (e.g. you can't afford it) then an alternative solution is:

1. generate a self-signed certificate; see How to generate a self-signed certificate using Java Keytool,
2. install it on the server side,
3. configure the client as above to ignore certificate validity.

But note that doing either of those things has security issues.

There is a third solution that is more secure.

1. generate a self-signed certificate (as above)
2. install it on the server side,
3. use Keytool to add the certificate to the client app's keystore as a trusted certificate.