How to bypass certificate checking in a Java web service client
In Java web service development environment, developer are always generate a test certificate using keytool
. While doing client testing, often times, the web service test client will hits following error messages :
- java.security.cert.CertificateException: No name matching localhost found
- SunCertPathBuilderException: unable to find valid certification path to requested target
Here’s a source code, that i copied from book : Java Web Services: Up and Running, 1st Edition by Martin Kalin, which is used to by pass all the certificate and hostname checking. A very useful code in testing environment ONLY, recommend to study and bookmark for future reference 🙂
Warning
Don’t try it at production environment, unless you have a very solid reason to by pass all the certificate checking. Ans if yes, why are you still using SSL connection? 🙂
Don’t try it at production environment, unless you have a very solid reason to by pass all the certificate checking. Ans if yes, why are you still using SSL connection? 🙂
package com.mkyong.client;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.io.*;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class HttpsClient{
public static void main(String[] args)
{
new HttpsClient().testIt();
}
private TrustManager[ ] get_trust_mgr() {
TrustManager[ ] certs = new TrustManager[ ] {
new X509TrustManager() {
public X509Certificate[ ] getAcceptedIssuers() { return null; }
public void checkClientTrusted(X509Certificate[ ] certs, String t) { }
public void checkServerTrusted(X509Certificate[ ] certs, String t) { }
}
};
return certs;
}
private void testIt(){
String https_url = "https://localhost:8443/HelloWorld/hello?wsdl";
URL url;
try {
// Create a context that doesn't check certificates.
SSLContext ssl_ctx = SSLContext.getInstance("TLS");
TrustManager[ ] trust_mgr = get_trust_mgr();
ssl_ctx.init(null, // key manager
trust_mgr, // trust manager
new SecureRandom()); // random number generator
HttpsURLConnection.setDefaultSSLSocketFactory(ssl_ctx.getSocketFactory());
url = new URL(https_url);
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
// Guard against "bad hostname" errors during handshake.
con.setHostnameVerifier(new HostnameVerifier() {
public boolean verify(String host, SSLSession sess) {
if (host.equals("localhost")) return true;
else return false;
}
});
//dumpl all cert info
print_https_cert(con);
//dump all the content
print_content(con);
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}catch (KeyManagementException e) {
e.printStackTrace();
}
}
private void print_https_cert(HttpsURLConnection con){
if(con!=null){
try {
System.out.println("Response Code : " + con.getResponseCode());
System.out.println("Cipher Suite : " + con.getCipherSuite());
System.out.println("\n");
Certificate[] certs = con.getServerCertificates();
for(Certificate cert : certs){
System.out.println("Cert Type : " + cert.getType());
System.out.println("Cert Hash Code : " + cert.hashCode());
System.out.println("Cert Public Key Algorithm : " + cert.getPublicKey().getAlgorithm());
System.out.println("Cert Public Key Format : " + cert.getPublicKey().getFormat());
System.out.println("\n");
}
} catch (SSLPeerUnverifiedException e) {
e.printStackTrace();
} catch (IOException e){
e.printStackTrace();
}
}
}
private void print_content(HttpsURLConnection con){
if(con!=null){
try {
System.out.println("****** Content of the URL ********");
BufferedReader br =
new BufferedReader(
new InputStreamReader(con.getInputStream()));
String input;
while ((input = br.readLine()) != null){
System.out.println(input);
}
br.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
How I make a PUT or DELETE request?
Thanks:)
i am using same code in mine its giving 401 exception
Hi there,
May I ask without newing the service, how may I call its methods please? the created HttpsURLConnection does not seem to contain the service methods.