TrustSelfSignedStrategy only allows self-signed certificates by
checking that the chain length is 1. This doesn't work for certificates
that are signed by an untrusted CA. Newer versions of httpclient (>=
4.5.4) provide TrustAllStrategy, which returns true for all
certificate chains. That won't be available until
https://github.com/cheald/manticore/pull/99 is merged, so this copies
the implementation and uses it when SSL verification is disabled.
TrustSelfSignedStrategy
only allows self-signed certificates by checking that the chain length is 1. This doesn't work for certificates that are signed by an untrusted CA. Newer versions of httpclient (>= 4.5.4) provideTrustAllStrategy
, which returns true for all certificate chains. That won't be available until https://github.com/cheald/manticore/pull/99 is merged, so this copies the implementation and uses it when SSL verification is disabled.