-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disabling SSL checks doesn't work #94
Comments
Hi, thanks for raising the issue. |
Cool should be able to get you something by end of next week. So we're on the same page:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There's a bunch of StackOverflow answers and Kong/unirest-java#197 pointing out how to disable SSL certificate and hostname checks using something like:
But it looks like that won't work for this library as implemented because at least the sync RestClient uses a connection manager and because of that the calls to setSSLContext have no effect.
It looks like what needs to change is at https://github.com/josueeduardo/rest-client/blob/master/src/main/java/io/joshworks/restclient/http/ClientBuilder.java#L55 if a custom sslContext is present the connection manager needs to be configured to use it.
Ex. I created a custom build with the following to just always disable SSL checks (long story)
So it seems like you'd definitely need a custom SSLConnectionSocketFactory if a sslContext has been set. And maybe also make it possible to disable host name verification on the configuration object?
Happy to provide a PR if you agree.
The text was updated successfully, but these errors were encountered: