
I have written some code in Java using the java.net.URL class for reading content from a URL. Using java net url connection.


The URL is a secured URL (https).
For now, I have used the suggestion in this answer: Disable SSL Verification.

But I want to do this properly (i.e. not disable SSL verification). How do I achieve this? What are the steps I need to take to achieve this?
This might have been answered already, please point me in the right direction.

A j
  • You need to install the SSL certificate from the host you're trying to access onto your machine. It's just the same with using a browser, if the SSL on the host isn't verifiable then you would need to add an exception. Depending on what OS you use, you can do this fairly easily. – px06 Oct 10 '16 at 11:17
  • If the server doesn't have a CA-signed certificate, complain to them about it. If you are 'them', fix it. There are ways to handle self-signed certificates, but even in the short term, let alone the long term, they are more expensive and less secure. – user207421 Oct 10 '16 at 11:21

1 Answer


If the server uses a valid (signed by a CA) certificate, your code should not cause any problems. If the server doesn't use a valid certificate, you may import that certificate into the cacerts file of your client JVM:

    keytool -import \
        -alias <provide_an_alias> \
        -file <certificate_file> \
        -keystore <your_path_to_jre>/lib/security/cacerts

where <certificate_file> is the certificate fetched from the webserver. However, this should only be done when connecting to a test environment.

Stefan