Platinum Partner
ssl

How to call a rest webservice with an untrusted SSL certificate

In our development environments we have configured self signed SSL certificates for our applications. Obviously we won't spend money for internal dev servers. So, what we do is self sign certificates and there is where the problems starts.

I use Jersey rest client to call rest webservices and this is the workaround that I did to get to actual dev service with the self signed certificate.

I hope this works for you. Follow me on twitter @rasensio or visit my site www.rodrigoasensio.com

TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
} };

SSLContext context = SSLContext.getInstance("TLS");
context.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());

ClientConfig config = new DefaultClientConfig();
config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
}, context));

Client client = Client.create(config);
client.setFollowRedirects(true);
WebResource resource = client.resource("https://myserver/myws");
resource.accept(MediaType.APPLICATION_JSON_TYPE);
String result = resource.post(String.class);
{{ tag }}, {{tag}},

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}
{{ parent.authors[0].realName || parent.author}}

{{ parent.authors[0].tagline || parent.tagline }}

{{ parent.views }} ViewsClicks
Tweet

{{parent.nComments}}