Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 96011 invoked from network); 5 Nov 2008 14:18:12 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 5 Nov 2008 14:18:12 -0000 Received: (qmail 8934 invoked by uid 500); 5 Nov 2008 14:18:06 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 8904 invoked by uid 500); 5 Nov 2008 14:18:06 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 8893 invoked by uid 99); 5 Nov 2008 14:18:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Nov 2008 06:18:06 -0800 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [76.96.62.96] (HELO QMTA09.westchester.pa.mail.comcast.net) (76.96.62.96) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Nov 2008 14:16:48 +0000 Received: from OMTA04.westchester.pa.mail.comcast.net ([76.96.62.35]) by QMTA09.westchester.pa.mail.comcast.net with comcast id bSCL1a0070ldTLk59SHMlo; Wed, 05 Nov 2008 14:17:21 +0000 Received: from [192.168.1.105] ([68.50.99.121]) by OMTA04.westchester.pa.mail.comcast.net with comcast id bSHF1a00C2d8Sh83QSHMgM; Wed, 05 Nov 2008 14:17:21 +0000 X-Authority-Analysis: v=1.0 c=1 a=xe8BsctaAAAA:8 a=CMzKXlTJzjkhM-Yl1awA:9 a=zYGk6CiqOXepuD5qITIA:7 a=MW6YM-h0VCY3C766wLA34sE4sWEA:4 a=rPt6xJ-oxjAA:10 Message-ID: <4911AAE4.8000300@christopherschultz.net> Date: Wed, 05 Nov 2008 09:17:08 -0500 From: Christopher Schultz User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: Slav Inger , Tomcat Users List Subject: Re: Tomcat problem References: <797293.22090.qm@web65501.mail.ac4.yahoo.com> In-Reply-To: <797293.22090.qm@web65501.mail.ac4.yahoo.com> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Slav, Slav Inger wrote: > I saw your reply (on tomcat-user list) to a person who was having > trouble with Tomcat and SSL. Please keep on-topic messages on the list. I have cc'd the list for their edification. > Could you please elaborate on how to disable the cert validation > check? This code has worked for me in the past: import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import javax.net.ssl.HttpsURLConnection; public static void disableSSLCertificateChecking() throws NoSuchAlgorithmException, KeyManagementException { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkRquQACgkQ9CaO5/Lv0PC70gCgsxDYnvhDeE4YJSfMJ3rH4pia PIcAoJecl5qN9jrB3l1eYHBATekJVq5z =+G16 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org