Forked from aembleton/Ignore certificate for HttpURLConnection in Android.java
Last active
July 8, 2016 16:11
-
-
Save hunMyrte/d9b89e76deb4b67775d5741d2d586e7f to your computer and use it in GitHub Desktop.
The following code disables SSL certificate checking for any new instances of HttpsUrlConnection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* Disables the SSL certificate checking for new instances of {@link HttpsURLConnection} This has been created to | |
* aid testing on a local box, not for use on production. | |
*/ | |
/** | |
* Google has dropped support for Anonymous Diffie Hellman ciphers. So If your server uses, the connection works under Android 6.0. | |
*/ | |
private static void disableSSLCertificateChecking() { | |
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { | |
@Override | |
public boolean verify(String hostname, SSLSession session) { | |
return true; | |
} | |
}); | |
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { | |
public X509Certificate[] getAcceptedIssuers() { | |
return new java.security.cert.X509Certificate[]{}; | |
} | |
@Override | |
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { | |
// Not implemented | |
} | |
@Override | |
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { | |
// Not implemented | |
} | |
} }; | |
try { | |
SSLContext sc = SSLContext.getInstance("TLS"); | |
sc.init(null, trustAllCerts, new java.security.SecureRandom()); | |
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); | |
} catch (KeyManagementException e) { | |
e.printStackTrace(); | |
} catch (NoSuchAlgorithmException e) { | |
e.printStackTrace(); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment