Trusting all certificates using HttpClient over HTTPS

To trust all certificates when using the Apache HttpClient library to make HTTPS requests, you can create a custom X509TrustManager implementation that trusts all certificates and use it to create an SSLContext with a custom TrustStrategy. You can then use this SSLContext to create an SSLConnectionSocketFactory, which you can use to build an HttpClient that trusts all certificates.

Here's an example of how you can create an HttpClient that trusts all certificates using this approach:

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;


public class TrustAllHttpClient {

  public static CloseableHttpClient getInstance() throws Exception {
    TrustStrategy trustStrategy = new TrustStrategy() {
      public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
        return true;

    SSLContext sslContext = SSLContextBuilder.create().loadTrustMaterial(null, trustStrategy).build();
    SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext);

    return HttpClients.custom().setSSLSocketFactory(sslSocketFactory).build();

You can then use the getInstance method of the TrustAllHttpClient class to get an HttpClient instance that trusts all certificates:

CloseableHttpClient httpClient = TrustAllHttpClient.getInstance();

Keep in mind that trusting all certificates can make your application vulnerable to man-in-the-middle attacks. It is generally recommended to use a trusted certificate authority (CA) to verify the authenticity of the server's certificate.