1

I have java websocket connection that tries to login to the server followed by establishing the websocket connection. The websocket class has the mechanism to connect the socket connection where's the main class call for the websocket class constructor.

WebSocket(URI serverUri, Map<String, String> head) {
        super(serverUri, head);
    }

socketUri = new URI(sockPath);
Map<String, String> head = new HashMap<>();
head.put("Authorization", "Bearer ".concat(headerToken));
client = new WebSocket(websocketUri, head);
client.setServerWebSocketUrlPathsockPath);
client.connect();

How to make the socket connection to disable the SSL certificate check.

Jexxer
  • 13
  • 4

1 Answers1

1

While disabling SSL certificate checks is not good practice, here is a solution:

The following code comes from Nakov.com

    // Create a trust manager that does not validate certificate chains
        TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
        };
 
        // Install the all-trusting trust manager
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
 
        // Create all-trusting host name verifier
        HostnameVerifier allHostsValid = new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };
 
        // Install the all-trusting host verifier
        HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
Flav
  • 188
  • 2
  • 15
  • I would recommend to use a custom X509ExtendedTrustManager instead of the X509TrustManager as it will partially will disable the SSL verifications. See here for an example https://stackoverflow.com/a/64982379/6777695 – Hakan54 Sep 28 '21 at 18:05
  • how can I use this in my above code? @Flav – Jexxer Sep 29 '21 at 06:01
  • You just need to execute this code once (before creating your socket). I also suggest you look into @Hakan54 's comment. – Flav Sep 29 '21 at 10:31
  • Used the above code before `socketUri = new URI(sockPath);` but didnt worked. – Jexxer Sep 29 '21 at 11:55
  • I have just edited the answer. What is your implementation of WebSocket? – Flav Sep 29 '21 at 15:46
  • thanks for help, but im stil getting same error `javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present` any clue how it could be resolved? – Jexxer Oct 01 '21 at 07:20
  • I think that [this post](https://stackoverflow.com/questions/19540289/how-to-fix-the-java-security-cert-certificateexception-no-subject-alternative) covers your problem – Flav Oct 01 '21 at 07:31
  • used same but no help yet. used `disableSslVerification()` defined in that post above `socketUri = new URI(sockPath);`. Is that right place to call it? – Jexxer Oct 01 '21 at 13:40
  • It should work yes. Have you tried Hakan54's method in the first comment? – Flav Oct 01 '21 at 13:48
  • @Jexxer did you manage to solve it? im facing exactly the same issue and everything i tried failed. – Lea2501 Oct 28 '21 at 16:36
  • No clue @LeaChescotta – Jexxer Oct 29 '21 at 12:53