hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simon Wong <simo...@gmail.com>
Subject How to set multiple SSLContext for Httpclient
Date Wed, 27 Sep 2017 06:32:46 GMT
If I choose the TrustSelfSignedStrategy.INSTANCE as the TrustStrategy, the
constructed HttpClient could be used for both self-signed and valid
certificate. But it could not be used to trust expired certificate (throws
java.security.cert.CertificateExpiredException exeption).

I guess if the HttpClientBuilder allows me to construct multiple SSLContext
and the problem should be solved. But I don't know how to set mutlple
SSLContext.

Current workaround is implement the TrustStrategy and always return "true"
in isTrusted() method.


        HttpClientBuilder clientBuilder = HttpClients.custom();

        SSLContext sslContext = SSLContexts.custom()
                .loadTrustMaterial((KeyStore) null,
TrustSelfSignedStrategy.INSTANCE)
                .build();

        try (CloseableHttpClient httpclient = clientBuilder
                .setSSLContext(sslContext)
                .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                .build()) {

            // working (valid cert)
            try (CloseableHttpResponse response = httpclient.execute(new
HttpGet("https://sha256.badssl.com/"))) {
                String bodyAsString =
EntityUtils.toString(response.getEntity());
                System.out.println("response 1: " + bodyAsString);
            }

            // working (trusted self-sgined cert)
            try (CloseableHttpResponse response = httpclient.execute(new
HttpGet("https://self-signed.badssl.com/"))) {
                String bodyAsString =
EntityUtils.toString(response.getEntity());
                System.out.println("response 2: " + bodyAsString);
            }

            // throw java.security.cert.CertificateExpiredException here
            try (CloseableHttpResponse response = httpclient.execute(new
HttpGet("https://expired.badssl.com/"))) {
                String bodyAsString =
EntityUtils.toString(response.getEntity());
                System.out.println("response 3: " + bodyAsString);
            }
        }

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message