0

I am getting the exception javax.net.ssl.SSLHandshakeException. I have read up you can bypass this at the coding level. Which is what I have been attempting to do. I have added NoopHostnameVerifier.INSTANCE and SSLContext to the client builder, but still getting the SSL exception.

var clientBuilder  = HttpClientBuilder.create()
            .setDefaultRequestConfig(RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build())
            .setRedirectStrategy(new LaxRedirectStrategy())
            .setDefaultCookieStore(cookieStore)
            .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
            .setSSLContext(createSSLContext());

private SSLContext createSSLContext() {
              TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
              @Override
                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                      return null;
                   }

                    @Override
                    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    }

                    @Override
                    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

                    }
           } };

       SSLContext sc = null;
        try {
           sc = SSLContext.getInstance ("SSL");
           sc.init (null, trustAllCerts, new java.security.SecureRandom ());
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
           e.printStackTrace ();
        }
        return sc;
    }
Anton Cavanaugh
  • 719
  • 1
  • 4
  • 14
  • 1
    Where did you read it? Did you follow https://stackoverflow.com/questions/6659360/how-to-solve-javax-net-ssl-sslhandshakeexception-error – Scary Wombat Oct 29 '21 at 00:24
  • What benefit would it give you to "bypass" this exception at one end of the connection? The other end would still insist on the protocol and you wouldn't be able to communicate. – Jim Garrison Oct 29 '21 at 00:34
  • What is the cause of this handshake exception? You seem to be assuming that it is happening during certification verification. It could happen for other reasons; e.g. mismatched requirements for protocols or encryption algorithms. What have you done to diagnose the cause of the failure? – Stephen C Oct 29 '21 at 00:44
  • Note that the kind of stuff you are doing is inherently insecure ... and depending on the context ... dangerous. – Stephen C Oct 29 '21 at 00:47
  • Yes, I did Scary Wombat, but I noticed it was set up at the connection level not at the clientBuild level, – Anton Cavanaugh Oct 29 '21 at 08:30
  • Its for webcrawler functionlity/ – Anton Cavanaugh Oct 29 '21 at 08:34

0 Answers0