My Java application connects to a server via https. The server has a self-signed certificate, but Java is refusing the connection because it can't verify the validity of the certificate. I know I can force it to ignore the certificate completely, but then there's not much value in using https and certificates at all. I'm wondering if it's possible to bundle the server's self-signed certificate with the application, so that it recognizes the certificate from the server only if it matches.
I have found an answer here: telling java to accept self-signed ssl certificate, but this would require the user to run the command themselves. If possible I would like to be able to have the certificate bundled in the JAR, without the user needing to do anything for it to work.
Getting a proper certificate is not an option at this point.