I have created a webcrawler, that will return the page for a URL. For some URLs I get : javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
The purpose of this is just to parse the webpage returned. So I am looking at ways to bypass. The SSL verification
(s, sslSession) -> true
So I create a SSLConnectionSocketFactory
private SSLConnectionSocketFactory sslFactory() {
SSLContext sslcontext = null;
try {
sslcontext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
} catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslcontext, (s, sslSession) -> true);
return sslConnectionSocketFactory;
}
And then add it to the HTMLClient
var clientBuilder = HttpClientBuilder.create()
.setDefaultRequestConfig(RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build())
.setRedirectStrategy(new LaxRedirectStrategy())
.setDefaultCookieStore(cookieStore)
.setSSLSocketFactory(sslFactory());
According to what I have researched this should bypass SSL verification, but it still throws the exception. I am using httpclient-4.5.13.
I understand the security implications, but this is parsing a webpage, it will not be sending any data. Thanks for any help.