Package org.apache.hc.client5.http.ssl

Class TrustSelfSignedStrategy

java.lang.Object

org.apache.hc.client5.http.ssl.TrustSelfSignedStrategy

All Implemented Interfaces:

org.apache.hc.core5.ssl.TrustStrategy

@Deprecated
@Contract(threading=STATELESS)
public class TrustSelfSignedStrategy
extends java.lang.Object
implements org.apache.hc.core5.ssl.TrustStrategy

Deprecated.

For self-signed certificates prefer specifying a keystore containing the certificate when calling the SSLContextBuilder loadTrustMaterial methods.

A trust strategy that accepts self-signed certificates as trusted. Verification of all other certificates is done by the trust manager configured in the SSL context.

Security Warning

This acts like TrustAllStrategy, with the only restriction that the certificate chain must have length 1. This means this trust strategy does not protect against man-in-the-middle attacks. See the TrustAllStrategy for more information and more secure alternatives.

Since:

4.1

Field Summary

Fields

Modifier and Type	Field	Description
static TrustSelfSignedStrategy	INSTANCE	Deprecated.

Constructor Summary

Constructors

Constructor	Description
TrustSelfSignedStrategy()	Deprecated.

Method Summary

Modifier and Type	Method	Description
boolean	isTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)	Deprecated.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

INSTANCE

public static final TrustSelfSignedStrategy INSTANCE

Deprecated.

Constructor Detail

TrustSelfSignedStrategy

public TrustSelfSignedStrategy()

Deprecated.

Method Detail

isTrusted

public boolean isTrusted(java.security.cert.X509Certificate[] chain,
                         java.lang.String authType)
                  throws java.security.cert.CertificateException

Deprecated.

Specified by:

isTrusted in interface org.apache.hc.core5.ssl.TrustStrategy

Throws:

java.security.cert.CertificateException