Better support for self signed certificates

[GoogleCodeExporter]

What steps will reproduce the problem?
1. test an ssl connection with a self signed certificate (no hostname specified)
2.
3.

What is the expected output? What do you see instead?
I would like to be able to do this but am prevented to because I cannot specify 
the default host name verifier

What version of the product are you using? On what operating system?
1.6.2 (windows)

Please provide any additional information below.

I would like something like this to work. Many thanks!

        /*
         * The following code basically nullifies all SSL checks - this is not recommended to be copied without thought
         * of the consequences!! Sadly rest assured ignores all this so we may well have to ditch rest assured
         */

        TrustManager[] certs = new TrustManager[]
        { new X509TrustManager()
        {
            @Override
            public X509Certificate[] getAcceptedIssuers()
            {
                return null;
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
            {
            }

            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
            {
            }
        } };
        SSLContext ctx = null;
        try
        {
            ctx = SSLContext.getInstance("TLS");
            ctx.init(null, certs, new SecureRandom());
        }
        catch (java.security.GeneralSecurityException ex)
        {
        }

        if (ctx != null)
        {
            HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
        }

        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
        {
            public boolean verify(String hostname, SSLSession session)
            {
                return true;
            }
        });

Original issue reported on code.google.com by mjenk...@idbs.com on 29 Jun 2012 at 12:05

[GoogleCodeExporter]

Actually this should be an enhancement - sorry

Original comment by mjenk...@idbs.com on 29 Jun 2012 at 12:05

[GoogleCodeExporter]

And you just execute this before you make a request with HTTP Client and it 
should work?

Original comment by johan.ha...@gmail.com on 14 Jul 2012 at 6:54

• Changed state: Accepted
• Added labels: Type-Enhancement
• Removed labels: Type-Defect

[GoogleCodeExporter]

I just posted to the forum a HttpClient+Jetty sample that might help Johan 
implement this.  included in that post is a suggestion for how I think the API 
should work.  The forum post hasn't show up yet so I can't link it here.  I 
have however attached the sample.

Original comment by kmin...@gmail.com on 22 Oct 2012 at 1:17

Attachments:

• self-signed-certs.zip

[GoogleCodeExporter]

Also see https://github.com/jayway/rest-assured/pull/22

Original comment by webust...@gmail.com on 6 Dec 2013 at 2:20

[GoogleCodeExporter]

Great! I've now merged the pull request.

Original comment by johan.ha...@gmail.com on 7 Dec 2013 at 5:42

[GoogleCodeExporter]

I've actually modified the API (it's not backward compatible). You can now 
specify the host name verification check using "CertificateAuthSettings" that 
you may pass in to the "certificate" method. Please try this out and tell me if 
it works and if you like the API. Depend on version 2.0.2-SNAPSHOT after having 
added the following Maven repo:

<repositories>
        <repository>
            <id>sonatype</id>
            <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
            <snapshots />
        </repository>
</repositories>

Original comment by johan.ha...@gmail.com on 7 Dec 2013 at 7:03

• Changed state: Fixed