org.apache.hc.client5.http.ssl

Class TrustSelfSignedStrategy

java.lang.Object

org.apache.hc.client5.http.ssl.TrustSelfSignedStrategy

All Implemented Interfaces:

org.apache.hc.core5.ssl.TrustStrategy

Deprecated.

For self-signed certificates prefer specifying a keystore containing the certificate when calling the SSLContextBuilder loadTrustMaterial methods.

@Deprecated
 @Contract(threading=STATELESS)
public class TrustSelfSignedStrategy
extends Object
implements org.apache.hc.core5.ssl.TrustStrategy

A trust strategy that accepts self-signed certificates as trusted. Verification of all other certificates is done by the trust manager configured in the SSL context.

Security Warning

This acts like TrustAllStrategy, with the only restriction that the certificate chain must have length 1. This means this trust strategy does not protect against man-in-the-middle attacks. See the TrustAllStrategy for more information and more secure alternatives.

Since:

4.1

Field Summary

Fields

Modifier and Type	Field and Description
static TrustSelfSignedStrategy	INSTANCE Deprecated.

Constructor Summary

Constructors

Constructor and Description
TrustSelfSignedStrategy() Deprecated.

Method Summary

Modifier and Type	Method and Description
boolean	isTrusted(X509Certificate[] chain, String authType) Deprecated.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

INSTANCE

public static final TrustSelfSignedStrategy INSTANCE

Deprecated.

Constructor Detail

TrustSelfSignedStrategy

public TrustSelfSignedStrategy()

Deprecated.

Method Detail

isTrusted

public boolean isTrusted(X509Certificate[] chain,
                         String authType)
                  throws CertificateException

Deprecated.

Specified by:

isTrusted in interface org.apache.hc.core5.ssl.TrustStrategy

Throws:

CertificateException