httpclient and ssl

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

httpclient and ssl

I am trying to set up httpclient to replace another ad hoc class we
have. It uses https. HttpClient fails the ssl handshake. The current
class has the following in a static initializer

    static {
         SSLContext context;
         SSLSocketFactory ssf;
         try {
              X509TrustManager trustManager = new X509TrustManager() {
                 public X509Certificate[] getAcceptedIssuers() {
                     return null;

                 public void checkClientTrusted(X509Certificate[] arg0,
tring arg1)
                     throws CertificateException {

                 public void checkServerTrusted(X509Certificate[] arg0,
String arg1)
                     throws CertificateException {

             HostnameVerifier verifier = new HostnameVerifier() {
                 public boolean verify(String arg0, SSLSession arg2) {
                     return true;

             TrustManager[] tma = {trustManager};
             context = SSLContext.getInstance("SSLv3");
             context.init(null, tma, null);

             ssf = context.getSocketFactory();
         catch (GeneralSecurityException e) {
             // if this has failed, we wont allow https connections
             failedToInitialize = true;

It works fine. Does anyone understand why this works and why HttpClient


To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]