Forum Discussion

mhashemi's avatar
4 years ago

Ignoring self-signed certs in Groovy script

I am trying to connect to a REST API running on a server with a self-signed cert. When I run the following code, I get this error: 


SunCertPathBuilderException: unable to find valid certification path to requested target


package DataSources.Groovy
import org.apache.http.HttpEntity
import org.apache.http.NameValuePair
import org.apache.http.client.entity.UrlEncodedFormEntity
import org.apache.http.client.methods.CloseableHttpResponse
import org.apache.http.client.methods.HttpGet
import org.apache.http.client.methods.HttpPost
import org.apache.http.impl.client.BasicCookieStore
import org.apache.http.impl.client.CloseableHttpClient
import org.apache.http.impl.client.HttpClients
import org.apache.http.impl.client.InternalHttpClient
import org.apache.http.message.BasicNameValuePair
import org.apache.http.util.EntityUtils
import java.util.concurrent.ConcurrentHashMap.ForEachEntryTask
import java.util.regex.Matcher
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.SAXParser
import org.apache.commons.codec.binary.Hex;
import groovy.json.*;
import groovy.util.XmlSlurper;
import groovy.xml.XmlUtil;
String eol = System.getProperty("line.separator");

CloseableHttpClient httpclient = HttpClients.createDefault();

def loginurl = "https://<url>:8445/finesse/api/Users";

httpGet = new HttpGet(loginurl);
httpGet.setHeader("Authorization", "Basic <token>");
response = httpclient.execute(httpGet);


I did a little googling and tried the first answer from this StackOverflow post, but that was a no-go. Does the collector support any workaround?

3 Replies

  • Anonymous's avatar

    The collector wouldn't have any way of working around this. It would have to be built into your script. Unfortunately, you've surpassed by Groovy fluency already.

    This is why I use python (set verify=false and you're done). 

  • Yeah, I normally work in PowerShell (and can work around it with that), but Groovy is less resource intensive. Hopefully someone else knows how make Groovy ignore the cert.

  • def nullTrustManager = [
        checkClientTrusted: { chain, authType ->  },
        checkServerTrusted: { chain, authType ->  },
        getAcceptedIssuers: { null }
    def nullHostnameVerifier = [
        verify: { hostname, session ->
    sc ="SSL")
        sc.init(null, [nullTrustManager as] as[], null) as
        def doRequest(urlPath, token) {
                def conn = "https://....".toURL().openConnection()
                return conn

    This will do it... my Groovy foo is not strong :D but I have this working using the above