Only 49 hours left in the trailboss' kickstarter!

New rewards and stretch goals. CLICK HERE!



  • Post Reply Bookmark Topic Watch Topic
  • New Topic

HTTPS: ignoring Certificates  RSS feed

 
marek duda
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Howdy
I am working on a Project where I need to send Data via HTTPS to a Server.
I learned how to deal with HTTP and HTTPS from your Site, Thanks!
here some Code perhaps it helps to understand my problem:
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.ssl.trustStore","cacert");
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

PrintWriter toServer;
URL url = new URL("https://mysuperfastserver/xxx");
HttpURLConnection urlcon1 = (HttpURLConnection)url.openConnection();
urlcon1.setDoOutput(true);
urlcon1.setDoInput(true);
try
{
toServer = new PrintWriter(urlcon1.getOutputStream());
...
Using HTTP works fine but HTTPS
throws javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExpiredException: NotAfter: Sat Oct 20 20:21:51 CEST 2001
when I want the OutputStream
I understand why: because the SSL-certiciate is an old self-made I added to the trusted ones (keytool -> cacerts)
Now my Question: is there a possibility to ignore the validation of my certificate, a flag or whatever I can set?
Please don't write I need to Buy a valid Cert from Verisign or whatever, I'm just a student that won't be a solution for me!
There could be many Servers, so I don't wan't to Install all the time new self-made certificates!
Greetings
Marek
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!