Package org.apache.hc.client5.http.ssl
Class TrustAllStrategy
- java.lang.Object
-
- org.apache.hc.client5.http.ssl.TrustAllStrategy
-
- All Implemented Interfaces:
org.apache.hc.core5.ssl.TrustStrategy
@Contract(threading=STATELESS) public class TrustAllStrategy extends java.lang.Object implements org.apache.hc.core5.ssl.TrustStrategy
A trust strategy that accepts all certificates as trusted.Security Warning
This trust strategy effectively disables trust verification of SSL / TLS, and allows man-in-the-middle attacks. If possible avoid this trust strategy and use more secure alternatives. For example, for self-signed certificates prefer specifying a keystore containing the certificate chain when calling theSSLContextBuilder
loadTrustMaterial
methods.- Since:
- 4.5.4, 5.0
-
-
Field Summary
Fields Modifier and Type Field Description static TrustAllStrategy
INSTANCE
-
Constructor Summary
Constructors Constructor Description TrustAllStrategy()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
isTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
-
-
-
Field Detail
-
INSTANCE
public static final TrustAllStrategy INSTANCE
-
-