Relaxing TLS for java.net.http.HttpClient
Pavel Rappo
pavel.rappo at gmail.com
Thu Mar 27 18:20:10 UTC 2025
Hello,
I would like java.net.http.HttpClient to send a request to an HTTPS
endpoint whose certificate is invalid and cannot be changed. In
particular, the certificate's CN is incompatible with the endpoint's
domain:
javax.net.ssl.SSLHandshakeException: No subject alternative DNS
name matching ... found.
>From the documentation, it's not obvious how to configure HttpClient
to skip the hostname check. The
jdk.internal.httpclient.disableHostnameVerification property seems
internal and overly broad as it affects _all_ instances of HttpClient.
What's the official recommendation or better yet code snippet for
configuring a particular instance of HttpClient?
Thanks,
-Pavel
More information about the net-dev
mailing list