-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Slav,
Slav Inger wrote:
> I saw your reply (on tomcat-user list) to a person who was having
> trouble with Tomcat and SSL.
Please keep on-topic messages on the list. I have cc'd the list for
their edification.
> Could you please elaborate on how to disable the cert validation
> check?
This code has worked for me in the past:
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.net.ssl.HttpsURLConnection;
public static void disableSSLCertificateChecking()
throws NoSuchAlgorithmException, KeyManagementException
{
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs,
String authType) {
}
public void checkServerTrusted(X509Certificate[] certs,
String authType) {
}
}
};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
Hope that helps,
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkkRquQACgkQ9CaO5/Lv0PC70gCgsxDYnvhDeE4YJSfMJ3rH4pia
PIcAoJecl5qN9jrB3l1eYHBATekJVq5z
=+G16
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
