users@jersey.java.net

[Jersey] How to setup Https connection with self signed certificate?

From: Brendan cheng <ccp999_at_hotmail.com>
Date: Tue, 5 Jun 2012 00:30:13 +0000

Hi,
I tried to use the Jersey client to connect to my HTTPS server, which uses a self-signed certificate. With the code below, my system still uses the default Java trust store:
trustStore is: /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts
instead of the one set up in my program. I tested my server with JavaScript, and that works fine.
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.client.urlconnection.HTTPSProperties;


import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;


import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.SecureRandom;
import javax.net.ssl.X509TrustManager;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;


import com.sun.jersey.client.apache.ApacheHttpClient;
import com.sun.jersey.client.apache.config.DefaultApacheHttpClientConfig;


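/**
 * Test client that requests the {@code Account} resource from an HTTPS server
 * through a Jersey {@code ApacheHttpClient}.
 *
 * <p>Security review: as written, this class turns off both halves of TLS
 * server authentication. The trust manager accepts every certificate chain and
 * {@link FakeHostnameVerifier} accepts every host name, so the client cannot
 * tell the intended server from any other endpoint that answers on the same
 * address. To trust one self-signed certificate without giving that up, load
 * a {@code java.security.KeyStore} that contains only that certificate,
 * initialise a {@code javax.net.ssl.TrustManagerFactory} from it, and pass the
 * resulting trust managers to {@code SSLContext.init}. Keep hostname
 * verification enabled by issuing the certificate with a subject alternative
 * name that matches the address the client connects to.
 */
public class abc {

    /**
     * Hostname verifier that approves every host name.
     *
     * <p>No comparison is made between the requested host and the certificate
     * presented in the session, so a certificate issued for any name is
     * accepted. Suitable for an isolated test rig only.
     */
    public static class FakeHostnameVerifier implements HostnameVerifier {

        /**
         * Approves the connection unconditionally.
         *
         * @param hostname the host name the client asked for (ignored)
         * @param session the TLS session in progress (ignored)
         * @return always {@code true}
         */
        @Override
        public boolean verify(String hostname, javax.net.ssl.SSLSession session) {
            return true;
        }
    }

    /**
     * Builds a permissive TLS context, installs it as the JVM-wide default for
     * {@code HttpsURLConnection}, and prints the XML body of the
     * {@code Account} resource.
     *
     * @param args command-line arguments (unused)
     * @throws IllegalStateException if the TLS context cannot be created or
     *     initialised
     */
    public static void main(String[] args) {

        // Prints TLS handshake details to the console; diagnostic aid only.
        System.setProperty("javax.net.debug", "ssl");

        // Trust manager whose check methods never throw, i.e. every server and
        // client certificate chain is accepted without validation.
        TrustManager[] certs = new TrustManager[] { new X509TrustManager() {
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[] {};
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {
                // Intentionally empty: no chain validation is performed.
            }

            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {
                // Intentionally empty: no chain validation is performed.
            }
        } };

        // Fail with the real cause. The previous empty catch left ctx null and
        // the failure surfaced later as an unrelated NullPointerException.
        final SSLContext ctx;
        try {
            ctx = SSLContext.getInstance("TLS");
            ctx.init(null, certs, new SecureRandom());
        } catch (java.security.GeneralSecurityException ex) {
            throw new IllegalStateException("Unable to initialise the TLS context", ex);
        }

        // These two calls change process-wide defaults: every later
        // HttpsURLConnection in this JVM inherits the permissive settings,
        // not just the request made below.
        HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(new FakeHostnameVerifier());

        DefaultApacheHttpClientConfig config = new DefaultApacheHttpClientConfig();

        // NOTE(review): HTTPSProperties is imported from the urlconnection
        // client package. Whether the Apache-based client reads this property
        // is not visible here; confirm, because the reported symptom (the
        // default cacerts store still being used) would fit it being ignored.
        config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
                new HTTPSProperties(new FakeHostnameVerifier(), ctx));

        // NOTE(review): credentials are hard-coded in source. The arguments
        // are presumably (realm, host, port, user, password); if so, the null
        // host and -1 port do not restrict them to one server. Verify against
        // the Jersey API. With certificate and hostname checks off, these
        // credentials are sent to whichever endpoint answers.
        config.getState().setCredentials("abc", null, -1, "1101", "123");

        ApacheHttpClient client = ApacheHttpClient.create(config);
        WebResource webResource = client.resource(
                UriBuilder.fromUri("https://192.168.33.156/abc").port(8000).build());

        System.out.println(webResource.path("Account")
                .accept(MediaType.APPLICATION_XML_TYPE).get(String.class));
    }
}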