Trusting a self-signed certificate

[notfed]

Hi,

I'm using OpenJDK6 (installed via java/openjdk6) and trying to create a web service client with Java Axis2/Rampart. The server is using a self-signed SSL certificate, and my client is rejecting it as untrusted.

This is just a test project, so I'd like to add the self-signed certificate to my list of trusted certificates. How do I do this? I thought I'd just have to add the certificate to /usr/local/openjdk6/jre/lib/security/cacerts but I don't know the default KeyStore password!

Thanks,
Jay

 

[olav]

You need to let the TrustManager in Java accept self signed certificates. I have a code example that does that.

import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;

public class UnsignedCertificate {
	public static void activate(){
		// Create a trust manager that does not validate certificate chains
		TrustManager[] trustAllCerts = new TrustManager[]{
		    new X509TrustManager() {
		        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
		            return null;
		        }
		        public void checkClientTrusted(
		            java.security.cert.X509Certificate[] certs, String authType) {
		        }
		        public void checkServerTrusted(
		            java.security.cert.X509Certificate[] certs, String authType) {
		        }
		    }
		};
		HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){
			public boolean verify(String string,SSLSession ssls) {
				return true;
			}
		});
		// Install the all-trusting trust manager
		try {
			SSLContext sc = SSLContext.getInstance("SSL");
			sc.init(null, trustAllCerts, new java.security.SecureRandom());
		HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
		} catch (Exception e) {
		}
	}
}