Menu
How do you disable certificate validation in JAX-WS client using javax.xml.ws.Service?
I tried creating an all-trusting TrustManager in the SSLSocketFactory and tried to bind it with BindingProvider
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
Map<String, Object> ctxt = ((BindingProvider) wsport ).getRequestContext();
ctxt.put(JAXWSProperties.SSL_SOCKET_FACTORY, sc.getSocketFactory());
but I still getting Exception: unable to find valid certification path to requested target
But it works when I just use
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
Or is there a way to make javax.xml.ws.Service use the HttpsURLConnection that I created?
612
If the SSL certificate is not validates as trusted or does not match the target host, an HTTPS and other SSL encrypted connection cannot be established and all attempts will result in SSLHandshakeException or IOException.
I found a solution here: http://schrepfler.blogspot.com.br/2009/06/relaxing-ssl-validation-for-jaxws.html
I'm using that solution calling the two static methods on a static block at the main class, like this:
static {
SSLUtilities.trustAllHostnames();
SSLUtilities.trustAllHttpsCertificates();
}
Hope this helps
EDIT: As David J. Liszewski pointed out, this breaks SSL/TLS for all connections from this JVM. So, keep that in mind.
57
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
