Crap, my fat fingered typing prematurely sent the
response.
Execute this at any time before the SSL session:
public static void trustAllCerts() throws Exception {
ProtocolSocketFactory sf=new
EasySSLProtocolSocketFactory();
Protocol p = new Protocol("https", sf, 443);
Protocol.registerProtocol("https", p);
}
As a side comment, is there any reason why the
contribs area is not included by default in the
httpclient binary distribution? It just complicates my
project management, seemingly unnecessarily.
Thanks again Greg!
-George
--- "Moore, Greg" <[EMAIL PROTECTED]> wrote:
> George,
> Did you take a look at
> http://hc.apache.org/httpclient-3.x/sslguide.html
> at the EasySSLProtocolSocketFactory. there is an
> EasySSLProtocolSocketFactory and an EasyTrustmanager
> in SVN that seem to
> do ok. of course I wouldn't use it for production.
>
> maybe this would help too.
>
http://www.matthewekent.com/2007/09/httpclient-ssl-support-how-to-.html
>
>
> Greg.
>
> -----Original Message-----
> From: George Ludwig [mailto:[EMAIL PROTECTED]
> Sent: Monday, April 07, 2008 5:07 PM
> To: HttpClient User Discussion
> Subject: getting httpclient to trust all certs for
> ssl?
>
> This seems to have come up before, but I've not been
> able to find a resolution that works.
>
> Basically, I want to trust all SSL certs. I doing
> web
> harvesting, and I just don't care if a cert is
> valid,
> self signed, or has valid trust chain.
>
> I've tried a couple of solutions I found on the web,
> but they don't seem to work. Does anyone have a
> reliable solution to this?
>
> The last one I tried was this:
>
> public static void trustAllCerts() {
> // Create a trust manager that does not validate
> certificate chains
> TrustManager[] trustAllCerts = new
> TrustManager[]{
> new X509TrustManager() {
> public
> java.security.cert.X509Certificate[]
> getAcceptedIssuers() {
> return null;
> }
> public void checkClientTrusted(
> java.security.cert.X509Certificate[]
> certs, String authType) {
> }
> public void checkServerTrusted(
> java.security.cert.X509Certificate[]
> certs, String authType) {
> }
> }
> };
>
> // Install the all-trusting trust manager
> try {
> SSLContext sc =
> SSLContext.getInstance("SSL");
> sc.init(null, trustAllCerts, new
> java.security.SecureRandom());
>
>
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
> } catch (Exception e) {
> }
> }
>
> I'm currently getting this exception:
>
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path
> validation failed:
> java.security.cert.CertPathValidatorException: Path
> does not chain with any of the trust anchors
> error!
>
>
> [stack trace deleted]
>
>
> This message and any attachments are intended only
> for the use of the addressee and may contain
> information that is privileged and confidential. If
> the reader of the message is not the intended
> recipient or an authorized representative of the
> intended recipient, you are hereby notified that any
> dissemination of this communication is strictly
> prohibited. If you have received this communication
> in error, please notify us immediately by e-mail and
> delete the message and any attachments from your
> system.
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
>
>
____________________________________________________________________________________
You rock. That's why Blockbuster's offering you one month of Blockbuster Total
Access, No Cost.
http://tc.deals.yahoo.com/tc/blockbuster/text5.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
