Package uk.ac.ebi.utils.opt.net

Class SSLUtils

java.lang.Object
uk.ac.ebi.utils.opt.net.SSLUtils
public final class SSLUtils extends Object
SSL Utilities. At the moment contains methods to disable SSL certificate verification in HTTP connections. WARNING: doing this is UNSAFE, you should fix the bad certificate on server side instead. Courtesy of this.
Author:
brandizi
Date:
29 Nov 2016

  • Field Details

    • FAKE_SSL_CONTEXT

      public static final SSLContext FAKE_SSL_CONTEXT

    • FAKE_TLS_STRATEGY

      public static final org.apache.hc.client5.http.ssl.DefaultClientTlsStrategy FAKE_TLS_STRATEGY

    • FAKE_HTTP_CLIENT_CONNECTION_MANAGER

      public static final org.apache.hc.client5.http.io.HttpClientConnectionManager FAKE_HTTP_CLIENT_CONNECTION_MANAGER

    • FAKE_AUTH_SCOPE

      public static final org.apache.hc.client5.http.auth.AuthScope FAKE_AUTH_SCOPE

  • Constructor Details

    • SSLUtils

      public SSLUtils()

  • Method Details

    • trustAllHostnames

      public static void trustAllHostnames()
      Set the default host name Verifier to an instance of a fake class that trust all hostnames.

    • trustAllHttpsCertificates

      public static void trustAllHttpsCertificates()
      Set the default X509 Trust Manager to an instance of a fake class that trust all certificates, even the self-signed ones.

    • noCertClient

      public static org.apache.hc.client5.http.classic.HttpClient noCertClient(String user, String pwd)
      Gets an HttpClient that doesn't do any SSL certificate verification. If user is null, returns a client that doesn't deal with authentication, else sets up a client that does basic HTTP Auth.