Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Trusting all certificates after upgrade to Jetty 9

In a recent upgrade from Jetty 8 (8.1.8.v20121106) to Jetty 9 (9.2.13.v20150730), it seems that code for trusting all SSL certificates is no longer working.

We do not always want to trust all certificates and so cannot use the SSLContextFactory(trustAll) constructor. 

After the application is up and running, there may be a specific use case in which the user will need to start trusting all certificates, in which case an all-trusting TrustManager is set up:

// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[]{

new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];

public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {

public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {

// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);

// Create all-trusting host name verifier
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;

// Install the all-trusting host verifier

// set flag to true so that the process is not repeated
sslDisabled = true;

Is there something specific with this version that will cause this not to work anymore?



Back to the top