Class TrustAllStrategy

  • All Implemented Interfaces:
    org.apache.hc.core5.ssl.TrustStrategy

    @Contract(threading=STATELESS)
    public class TrustAllStrategy
    extends java.lang.Object
    implements org.apache.hc.core5.ssl.TrustStrategy
    A trust strategy that accepts all certificates as trusted.

    Security Warning

    This trust strategy effectively disables trust verification of SSL / TLS, and allows man-in-the-middle attacks. If possible avoid this trust strategy and use more secure alternatives. For example, for self-signed certificates prefer specifying a keystore containing the certificate chain when calling the SSLContextBuilder loadTrustMaterial methods.
    Since:
    4.5.4, 5.0
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean isTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • TrustAllStrategy

        public TrustAllStrategy()
    • Method Detail

      • isTrusted

        public boolean isTrusted​(java.security.cert.X509Certificate[] chain,
                                 java.lang.String authType)
                          throws java.security.cert.CertificateException
        Specified by:
        isTrusted in interface org.apache.hc.core5.ssl.TrustStrategy
        Throws:
        java.security.cert.CertificateException