JavaFX WebView not working using weak SSL certificate

Question

JavaFX WebView not working using weak SSL certificate

I am developing a simple embedded browser using JavaFX:

final WebView browser = new WebView();
final WebEngine webEngine = browser.getEngine();

When I use webEngineto download any http site, it works fine:

webEngine.load("http://google.es");

Despite this, if I try to load a site with an untrusted certificate (my own ssl certificate), it webEnginedoes not work, and I get a white screen in the browser.

Is there a way (automatically) to trust my ssl certificate?

+4

java certificate ssl https javafx

nach0 Mar 24 '14 at 9:42

source share

1 answer

nach0 · Accepted Answer · 2014-05-21T12:19:11+0000

Finally, I solved my question. You must add this code before downloading the website:

// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { 
    new X509TrustManager() {     
        public java.security.cert.X509Certificate[] getAcceptedIssuers() { 
            return null;
        } 
        public void checkClientTrusted( 
            java.security.cert.X509Certificate[] certs, String authType) {
            } 
        public void checkServerTrusted( 
            java.security.cert.X509Certificate[] certs, String authType) {
        }
    } 
}; 

// Install the all-trusting trust manager
try {
    SSLContext sc = SSLContext.getInstance("SSL"); 
    sc.init(null, trustAllCerts, new java.security.SecureRandom()); 
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (GeneralSecurityException e) {
} 
// Now you can access an https URL without having the certificate in the truststore
try { 
    URL url = new URL("https://hostname/index.html"); 
} catch (MalformedURLException e) {
} 
//now you can load the content:

webEngine.load("https://example.com");

: , TRUSTS IT.

JavaFX WebView not working using weak SSL certificate

More articles: