• Post Reply Bookmark Topic Watch Topic
  • New Topic

HTTPS: is there a way to ignore the validation of certificates  RSS feed

 
marek duda
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
posted October 24, 2003 01:48 AM
--------------------------------------------------------------------------------
Howdy
I am working on a Project where I need to send Data via HTTPS to a Server.
I learned how to deal with HTTP and HTTPS from your Site, Thanks!
here some Code perhaps it helps to understand my problem:
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.ssl.trustStore","cacert");
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
PrintWriter toServer;
URL url = new URL("https://mysuperfastserver/xxx");
HttpURLConnection urlcon1 = (HttpURLConnection)url.openConnection();
urlcon1.setDoOutput(true);
urlcon1.setDoInput(true);
try
{
toServer = new PrintWriter(urlcon1.getOutputStream());
...
Using HTTP works fine but HTTPS
throws javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExpiredException: NotAfter: Sat Oct 20 20:21:51 CEST 2001
when I want the OutputStream
I understand why: because the SSL-certiciate is an old self-made I added to the trusted ones (keytool -> cacerts)
Now my Question: is there a possibility to ignore the validation of my certificate, a flag or whatever I can set?
Please don't write I need to Buy a valid Cert from Verisign or whatever, I'm just a student that won't be a solution for me!
There could be many Servers, so I don't wan't to Install all the time new self-made certificates!
Greetings
Marek
ps: sorry again for my clumsy english
 
Stephen Huey
Ranch Hand
Posts: 618
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure from what you're saying *exactly* what it is you need to do, but I know that there were times when I thought I needed to bother with certificates just because I was interacting with an HTTPS site and that wasn't the case. You may be trying too hard, depending on your situation. It's possible that all you'll need is the open source Apache Commons HttpClient since it often takes care of a lot of details for you and thus gives you a high level object for doing things over HTTP and HTTPS. I actually do use it to interact with several HTTPS sites where I have to log in with a password, etc. Good luck...
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!