Setting https certificate trusted in Java

After digging a lot in web, I found the following snippet is useful in some scenarios, where we tries to connect to a HTTPS URL from our java code.

Note: This solution will void the purpose of HTTPS, hence use it only if you are okay with the risk of disabling this security.
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLConnection;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
 
public class MySSLCertificateManager {
 
public static void main(String[] args) {
 String result = "";
 String urlString = "https://jyothis.co.in/";
 URL url = null;
 URLConnection urlConn = null;
 String str = null;
 
try {
 HostnameVerifier verifier = new HostnameVerifier() {
 @Override
 public boolean verify(String urlHostName, SSLSession session) {
 return true;
 }
 };
 // Invoking method to trust all certificates blindly.
 try {
 trustAllHttpsCertificates();
 } catch (KeyManagementException e) {
 e.printStackTrace();
 } catch (NoSuchAlgorithmException e) {
 e.printStackTrace();
 }
 HttpsURLConnection.setDefaultHostnameVerifier(verifier);
 
url = new URL(urlString);
 urlConn = url.openConnection();
 urlConn.setDoInput(true);
 urlConn.setUseCaches(false);
 
urlConn.setRequestProperty("Content-Type",
 "application/x-www-form-urlencoded");
 BufferedReader bufferedReader = new BufferedReader(
 new InputStreamReader(urlConn.getInputStream()));
 
while (null != ((str = bufferedReader.readLine()))) {
 if (str.length() > 0) {
 str = str.trim();
 if (!str.equals("")) {
 result += str;
 }
 }
 }
 bufferedReader.close();
 } catch (MalformedURLException mue) {
 mue.printStackTrace();
 } catch (IOException ioe) {
 ioe.printStackTrace();
 }
 System.out.println("Result :" + result);
 }

 

/**
 * Creating a customized Inner class to implement the SSL TrustManager
 */
 public static class MyCustomTrustManager implements TrustManager,
 X509TrustManager {
 public X509Certificate[] getAcceptedIssuers() {
 return null;
 }
 
public boolean isServerTrusted(X509Certificate[] certs) {
 return true;
 }
 
public boolean isClientTrusted(X509Certificate[] certs) {
 return true;
 }
 
public void checkServerTrusted(X509Certificate[] certs, String authType)
 throws CertificateException {
 return;
 }
 
public void checkClientTrusted(X509Certificate[] certs, String authType)
 throws CertificateException {
 return;
 }
 }
 
/**
 * Asking to trust all the HTTPS certificates blindly. Needs to be careful,
 * when the HTTPS URLs are not known to us.
 *
 * @throws NoSuchAlgorithmException
 * @throws KeyManagementException
 * @throws Exception
 */
 private static void trustAllHttpsCertificates()
 throws NoSuchAlgorithmException, KeyManagementException {
 TrustManager[] trustAllCerts = new TrustManager[1];
 TrustManager myTrustManager = new MyCustomTrustManager();
 trustAllCerts[0] = myTrustManager;
 SSLContext sslContext = SSLContext.getInstance("SSL");
 sslContext.init(null, trustAllCerts, null);
 HttpsURLConnection.setDefaultSSLSocketFactory(sslContext
 .getSocketFactory());
 }
 
}

 

 

 

0 thoughts on “Setting https certificate trusted in Java

  1. I am using same code but, I am getting below error: Please assist
    java.io.IOException: Server returned HTTP response code: 403 for URL

Leave a Reply

Your email address will not be published. Required fields are marked *