Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

creating naive Trust Providers to get around testing agaisnt a different domain to the cert

 
Ranch Hand
Posts: 333
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,
I am trying to test an application I have control over, however I can not change the application as that would invalidate the testing I am trying to carry out.
The application uses certificates to talk to a third party server.

The problem is, the values are hard coded, and we have hacked hosts file and iptables so we can connect it to the the third parties testing site.
(please dont ask, its horrible if you ask I may cry).

So the test site is a sub domain (partners.test.somedomain.com rather than partners.somedomain.com) and of course java complains.
So I would like to create a trust provider that just trusts everything.

Is it possible, from the command line, to somehow "install" this provider into the virtual machine so that my application will just trust all the responses?



Thanks
G

 
Gavin Tranter
Ranch Hand
Posts: 333
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ok, seems the easiest way was to call the main class of the jar from an external class that had already added a naive security provide that just accepted everything.

Not the cleanest but it works.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic