George, Did you take a look at http://hc.apache.org/httpclient-3.x/sslguide.html at the EasySSLProtocolSocketFactory. there is an EasySSLProtocolSocketFactory and an EasyTrustmanager in SVN that seem to do ok. of course I wouldn't use it for production.
maybe this would help too. http://www.matthewekent.com/2007/09/httpclient-ssl-support-how-to-.html Greg. -----Original Message----- From: George Ludwig [mailto:[EMAIL PROTECTED] Sent: Monday, April 07, 2008 5:07 PM To: HttpClient User Discussion Subject: getting httpclient to trust all certs for ssl? This seems to have come up before, but I've not been able to find a resolution that works. Basically, I want to trust all SSL certs. I doing web harvesting, and I just don't care if a cert is valid, self signed, or has valid trust chain. I've tried a couple of solutions I found on the web, but they don't seem to work. Does anyone have a reliable solution to this? The last one I tried was this: public static void trustAllCerts() { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { } } I'm currently getting this exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors error! [stack trace deleted] This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
