Class TrustSelfSignedStrategy

  • All Implemented Interfaces:
    org.apache.hc.core5.ssl.TrustStrategy

    @Deprecated
    @Contract(threading=STATELESS)
    public class TrustSelfSignedStrategy
    extends java.lang.Object
    implements org.apache.hc.core5.ssl.TrustStrategy
    Deprecated.
    For self-signed certificates prefer specifying a keystore containing the certificate when calling the SSLContextBuilder loadTrustMaterial methods.
    A trust strategy that accepts self-signed certificates as trusted. Verification of all other certificates is done by the trust manager configured in the SSL context.

    Security Warning

    This acts like TrustAllStrategy, with the only restriction that the certificate chain must have length 1. This means this trust strategy does not protect against man-in-the-middle attacks. See the TrustAllStrategy for more information and more secure alternatives.
    Since:
    4.1
    • Constructor Detail

      • TrustSelfSignedStrategy

        public TrustSelfSignedStrategy()
        Deprecated.
    • Method Detail

      • isTrusted

        public boolean isTrusted​(java.security.cert.X509Certificate[] chain,
                                 java.lang.String authType)
                          throws java.security.cert.CertificateException
        Deprecated.
        Specified by:
        isTrusted in interface org.apache.hc.core5.ssl.TrustStrategy
        Throws:
        java.security.cert.CertificateException