1

I need to disable the SSL for a given url or for the restTemplate right know i can disable all the SSL's with the code bellow. How can i make this code for given URL only. Or how to disable it for the restTemplate.

 public class SSLTool {

            public static void disableCertificateValidation() {
                // Create a trust manager that does not validate certificate chains
                        TrustManager[] trustAllCerts = new TrustManager[] {
                                new X509TrustManager() {
                    public X509Certificate[] getAcceptedIssuers() {
                                                return new X509Certificate[0];
                                            }
                    public void checkClientTrusted(X509Certificate[] certs, String authType) {}
                    public void checkServerTrusted(X509Certificate[] certs, String authType) {}
                }};
        
                        // Ignore differences between given hostname and certificate hostname
                                HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) { return true; }
        };
        
                        // Install the all-trusting trust manager
                                try {
                        SSLContext sc = SSLContext.getInstance("SSL");
                        sc.init(null, trustAllCerts, new SecureRandom());
                        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
                        HttpsURLConnection.setDefaultHostnameVerifier(hv);
                    } catch (Exception e) {/* intentionally left blank */}
            }
}
Improve this question
1
  • I have posted my answer, you can have a look Commented May 20, 2022 at 10:56

2 Answers 2

Reset to default
2

I solved this with the following code down below. here is the link to the source https://stackoverflow.com/a/42689331/16529288

TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;

SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
        .loadTrustMaterial(null, acceptingTrustStrategy)
        .build();

SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);

CloseableHttpClient httpClient = HttpClients.custom()
        .setSSLSocketFactory(csf)
        .build();

HttpComponentsClientHttpRequestFactory requestFactory =
        new HttpComponentsClientHttpRequestFactory();

requestFactory.setHttpClient(httpClient);

RestTemplate restTemplate = new RestTemplate(requestFactory);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Returning RestTemplate with SSL disabled can be achieved via below(You can add other properties as your requirements.) :

CloseableHttpClient client = HttpClients.custom().setSSLHostnameVerifier(new HostnameVerifier() {

            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        }).setSSLHostnameVerifier(new HostnameVerifier() {

            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        }).build();
        HttpComponentsClientHttpRequestFactory req = new HttpComponentsClientHttpRequestFactory(client);
        RestTemplate template = new RestTemplate(req);
Improve this answer

3 Comments

doesnt work still get the ssl exception
what error you are getting? share some more details
Added the answer down below thanks for your help.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.