Is there a java setting for disabling certificate validation? [duplicate]
Not exactly a setting but you can override the default TrustManager and HostnameVerifier to accept anything. Not a safe approach but in your situation, it can be acceptable.
Complete example : Fix certificate problem in HTTPS
In addition to the answers above. You can do it programmatically by implementing the TrustManager:
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} } }; SSLContext sc=null; try { sc = SSLContext.getInstance("SSL"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } try { sc.init(null, trustAllCerts, new java.security.SecureRandom()); } catch (KeyManagementException e) { e.printStackTrace(); } HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); // Create all-trusting host name verifier HostnameVerifier validHosts = new HostnameVerifier() { @Override public boolean verify(String arg0, SSLSession arg1) { return true; } }; // All hosts will be valid HttpsURLConnection.setDefaultHostnameVerifier(validHosts);
However this is not a good practice for production.
This example on How to disable SSL certificat validation in Java contains a utility class you can copy in your project.