1 /* 2 * ==================================================================== 3 * Licensed to the Apache Software Foundation (ASF) under one 4 * or more contributor license agreements. See the NOTICE file 5 * distributed with this work for additional information 6 * regarding copyright ownership. The ASF licenses this file 7 * to you under the Apache License, Version 2.0 (the 8 * "License"); you may not use this file except in compliance 9 * with the License. You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, 14 * software distributed under the License is distributed on an 15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 * KIND, either express or implied. See the License for the 17 * specific language governing permissions and limitations 18 * under the License. 19 * ==================================================================== 20 * 21 * This software consists of voluntary contributions made by many 22 * individuals on behalf of the Apache Software Foundation. For more 23 * information on the Apache Software Foundation, please see 24 * <http://www.apache.org/>. 25 * 26 */ 27 package org.apache.hc.client5.http.ssl; 28 29 import java.security.cert.CertificateException; 30 import java.security.cert.X509Certificate; 31 32 import org.apache.hc.core5.annotation.Contract; 33 import org.apache.hc.core5.annotation.ThreadingBehavior; 34 import org.apache.hc.core5.ssl.TrustStrategy; 35 36 /** 37 * A trust strategy that accepts all certificates as trusted. 38 * 39 * <h2>Security Warning</h2> 40 * This trust strategy effectively disables trust verification of SSL / TLS, 41 * and allows man-in-the-middle attacks. If possible avoid this trust strategy 42 * and use more secure alternatives. For example, for self-signed certificates 43 * prefer specifying a keystore containing the certificate chain when calling 44 * the {@link org.apache.hc.core5.ssl.SSLContextBuilder} {@code loadTrustMaterial} 45 * methods. 46 * 47 * @since 4.5.4 48 * @since 5.0 49 */ 50 @Contract(threading = ThreadingBehavior.STATELESS) 51 public class TrustAllStrategy implements TrustStrategy { 52 53 /** 54 * Default instance of {@link TrustAllStrategy}. 55 */ 56 public static final TrustAllStrategy INSTANCE = new TrustAllStrategy(); 57 58 @Override 59 public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { 60 return true; 61 } 62 63 }