How can i disable certifcate verification at client side. I dont need to verify the certificate at client side.
Can you help me achieve HTTPS connection without verifying certifcate at client side. On Wed, Apr 20, 2016 at 3:34 PM, <e...@zusammenkunft.net> wrote: > Hello, > > If you specify a URL with an IP literal, then the target host must have a > SSL/TLS certificate mentioning this name as commonName or > subjectAlternateName. This prevents person-in-the-middle attacks and is, as > you noticed enforced by the Hostname Verifier. > > Not sure about android, but on a pc i would add a hostname alias to the > /etc/hosts file and specify the name in the URL for testing purposes > (production servers should obviously use DNS). > > If you absolutely must use an IP you could think about a specific verifier > which binds the certificate to the IP with no additional checking. > > As for your "other error", you need to tell us which one. > > Does not look like an issue with Android or your code so far. > > Gruss > Bernd > > -- > http://bernd.eckenfels.net > > -----Original Message----- > From: Sunil Chandrasekharan <sunil.kai...@gmail.com> > To: httpclient-users@hc.apache.org > Sent: Mi., 20 Apr. 2016 8:02 > Subject: issue with https connection using Apache http client 4.3.5 with > android > > Hi , > > I am trying to implement https connection support using Apache http client > 4.3.5 on my Android devices > > HttpClientBuilder builder = HttpClientBuilder.create();KeyStore > trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); > trustStore.load(null, null); > SSLContext sslContext = > SSLContexts.custom().loadTrustMaterial(trustStore, new > TrustSelfSignedStrategy()).build(); > SSLConnectionSocketFactory sslConnectionFactory = new > SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" > },null,SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); > > builder.setSSLSocketFactory(sslConnectionFactory); > Registry<ConnectionSocketFactory> registry = > RegistryBuilder.<ConnectionSocketFactory>create() > .register("https", sslConnectionFactory) > .register("http", PlainConnectionSocketFactory.getSocketFactory()) > .build(); > HttpClientConnectionManager connectionManager = new > BasicHttpClientConnectionManager(registry); > builder.setConnectionManager(connectionManager); > > builder.setDefaultCredentialsProvider(credsProvider); > builder.setRedirectStrategy(new MyRedirectStrategy()); > > builder.setHostnameVerifier(SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);CloseableHttpClient > client = builder.build(); > > I did this example by referring many posts on SSL confirguration with > Apache HttpClient 4.3.5 > > But when i try to run, my execute method fails with this error > > javax.net.ssl.SSLException: hostname in certificate didn't match: > <12.17.7.0> != <suniltv.com.in> > at > org.apache.http.conn.ssl.AbstractVerifierHC4.verify(AbstractVerifierHC4.java:234) > > I tried lot of samples given on web related to ApacheHTTPclient > library 4.3.5 . But i am just not able to come out of this situation. > I dont know what is happening . > > I even tried changing to Allow-All-HostNameVerifier. but it gives > another exception. > > Kindly help me to achieve HTTPS connection > > --------------------------------------------------------------------- > To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org > For additional commands, e-mail: httpclient-users-h...@hc.apache.org > >
