W3Docs

Appearance

  1. Snippets
  2. Java
  3. Accept server's self-signed ssl certificate in Java client

Accept server's self-signed ssl certificate in Java client

To accept a server's self-signed SSL certificate in a Java client, you can create a custom javax.net.ssl.X509TrustManager and use it to override the default trust manager. The custom trust manager will trust all SSL certificates, including self-signed ones.

Here is an example of how you can create a custom trust manager to accept a server's self-signed SSL certificate in a Java client:

java
import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;

public class CustomTrustManager implements X509TrustManager {
    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String s) {
        // Trust all clients
    }

    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {
        // Trust all servers
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        // Return empty array of certificates
        return new X509Certificate[0];
    }
}

This code defines a custom trust manager, CustomTrustManager, that trusts all SSL certificates by overriding the checkClientTrusted() and checkServerTrusted() methods.

⚠️ Security Warning: This approach disables certificate validation entirely. It should only be used for testing or development environments. Never use this in production, as it makes your application vulnerable to man-in-the-middle attacks.

To use the custom trust manager, you will need to create an SSLContext and set the trust manager using the init() method. Here is a complete, modern example using the built-in java.net.http.HttpClient (Java 11+):

java
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;

public class Main {
    public static void main(String[] args) throws Exception {
        // Create an SSL context with the custom trust manager
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] { new CustomTrustManager() }, null);

        // Create an HTTP client with the custom SSL context
        HttpClient client = HttpClient.newBuilder()
                .sslContext(sslContext)
                .build();

        try {
            // Create and send an HTTP request
            HttpRequest request = HttpRequest.newBuilder()
                    .uri(URI.create("https://example.com"))
                    .GET()
                    .build();

            HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
            System.out.println("Status: " + response.statusCode());
            System.out.println("Body: " + response.body());
        } finally {
            // Close the client to release resources
            client.close();
        }
    }
}

This example demonstrates how to configure the SSLContext, attach it to a modern HttpClient, execute a request, handle the response, and properly close the client.

Dual-run preview — compare with live Symfony routes.