Solution: How to resolve un-trusted certificate in HttpURLConnection #31
Description
BTW, this issue is not "issue", just provide some solution to resolve un-trust certificate case in HttpURLConnection.
In my case, because my testrail is private instance, and unfortunately, the site's certificate is under un-trust and IT department still not fix it for me (long time, almost 3 months), so I have to fix it by code level.
IMPORTANT: Actually, you should connect to security site in SSL in trued certification, should not to manually TRUST ALL CONNECTION.
In class HTTPUtils, package com.rmn.testrail.util, add methods below:
public TrustManager[] trustCerts() {
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
};
return trustAllCerts;
}private static final String SSLCONTEXT_INSTANCE_STRING = "SSL";
public SSLContext setupSSLContext(TrustManager[] trustCerts) throws KeyManagementException, NoSuchAlgorithmException {
SSLContext sc = null;
sc = SSLContext.getInstance(SSLCONTEXT_INSTANCE_STRING);
sc.init(null, trustCerts, new SecureRandom());
return sc;
} /**
* Create all-trusting host name verifier
* @return
*/
public HostnameVerifier enabledAllHostsValid() {
HostnameVerifier allHostsValid = new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
};
return allHostsValid;
}and then, enabled all http url connection to trust, modify method getHTTPRequest of HTTPUtils class, add the codes before HttpURLConnection connection = (HttpURLConnection) new URL(completeUrl).openConnection(); and after the method declared:
// Handle self-signed Certificate
TrustManager[] trustAllCerts = trustCerts();
SSLContext sc = null;
try {
sc = setupSSLContext(trustAllCerts);
} catch (KeyManagementException e) {
e.printStackTrace();
throw new RuntimeException("Key Management Exception.");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
throw new RuntimeException("No Such Algorithm Exception.");
}
HostnameVerifier allHostsValid = enabledAllHostsValid();
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);Also, you have to resolve other http request method such as POST, PATCH, and others.