Java - Trying to log into website with invalid ssl certificate using httpclient

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by PCBEEF on Stack Overflow See other posts from Stack Overflow or by PCBEEF
Published on 2010-03-17T05:58:20Z Indexed on 2010/03/17 6:01 UTC
Read the original article Hit count: 656

Filed under:
|
|
|

I'm trying to log into site with invalid ssl certificate and I have the following code.

I bypass the the invalid cert by using my all certificate and then bypass the invalid Hostname by using hostnameverifier.

However, the hostnameverifier does not seem to work and I still get the error message

javax.net.ssl.SSLException: hostname in certificate didn't match:

The code is:

public static void main(String[] args) {
    TrustManager[] trustAllCerts = new TrustManager[] {
            new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { }

                public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { } 
            } 
    };


    HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
            System.out.println("Warning: URL Host: "+urlHostName+" vs. "+session.getPeerHost());
            return true;
        }

    };


    try {
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(hv);
    } catch (Exception e) {

    }


    try {
        DefaultHttpClient httpclient = new DefaultHttpClient();
        HttpContext localContext = new BasicHttpContext();

        List<NameValuePair> formparams = new ArrayList<NameValuePair>();
        formparams.add(new BasicNameValuePair("username", "user"));
        formparams.add(new BasicNameValuePair("password", "pword"));
        UrlEncodedFormEntity entity;

        entity = new UrlEncodedFormEntity(formparams, "UTF-8");
        HttpPost httppost = new HttpPost("https://www.mysite.com/");
        httppost.setEntity(entity);
        HttpResponse response = httpclient.execute(httppost, localContext);
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }

}

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about java

Related posts about ssl

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle