Is there a java setting for disabling certificate validation

Question

I received this error while trying to start up an application    Sun security validator ValidatorException  PKIX path validation failed   java security cert CertPathValidatorException   java net UnknownHostException oscp thawte com   The application is behind a closed network and won t ever be able to get to oscp thawte com  Is there a java setting that can disable this

User · Accepted Answer

-Dcom sun net ssl checkRevocation false

User · Answer

In Axis webservice and if you have to disable the certificate checking then use below code   AxisProperties setProperty  axis socketSecureFactory   org apache axis components net SunFakeTrustSocketFactory

User · Answer

Not exactly a setting but you can override the default TrustManager and HostnameVerifier to accept anything  Not a safe approach but in your situation  it can be acceptable   Complete example   Fix certificate problem in HTTPS

User · Answer

In addition to the answers above  You can do it programmatically by implementing the TrustManager   TrustManager   trustAllCerts   new TrustManager             new X509TrustManager               public java security cert X509Certificate   getAcceptedIssuers                return null                         Override           public void checkClientTrusted X509Certificate   arg0  String arg1             throws CertificateException                Override           public void checkServerTrusted X509Certificate   arg0  String arg1              throws CertificateException                           SSLContext sc null    try      sc   SSLContext getInstance  SSL        catch  NoSuchAlgorithmException e       e printStackTrace          try      sc init null  trustAllCerts  new java security SecureRandom         catch  KeyManagementException e       e printStackTrace          HttpsURLConnection setDefaultSSLSocketFactory sc getSocketFactory          Create all-trusting host name verifier   HostnameVerifier validHosts   new HostnameVerifier        Override   public boolean verify String arg0  SSLSession arg1       return true                All hosts will be valid   HttpsURLConnection setDefaultHostnameVerifier validHosts     However this is not a good practice for production   This example on How to disable SSL certificat validation in Java contains a utility class you can copy in your project

User · Answer

It is very simple  In my opinion it is the best way for everyone          Unirest config   verifySsl false          HttpResponse lt String gt  response   null         try              Gson gson   new Gson               response   Unirest post  your api url                       header  Authorization    Basic      authkey                       header  Content-Type    application json                       body  request body                       asString               System out println  ------RESPONSE -------   gson toJson response getBody               catch  Exception e               System out println  ------RESPONSE ERROR--               e printStackTrace

User · Answer

On my Mac that I m sure I m not going to allow java anyplace other than a specific site  I was able to use Preferences- Java to bring up the Java control panel and turned the checking off   If DLink ever fixes their certificate  I ll turn it back on

User · Answer

Use cli utility keytool from java software distribution for import  and trust   needed certificates  Sample     From cli change dir to jre bin Check keystore  file found in jre bin directory  keytool -list -keystore    lib security cacerts Enter keystore password  changeit  Download and save all certificates chain from needed server  Add certificates  before need to remove  read-only  attribute on file     lib security cacerts    keytool -alias REPLACE TO ANY UNIQ NAME -import -keystore    lib security cacerts -file  r  root crt    accidentally I found such a simple tip   Other solutions require the use of InstallCert Java and JDK  source  http   www java-samples com showtutorial php tutorialid 210

[java] Is there a java setting for disabling certificate validation?

Examples related to java

Examples related to ssl-certificate