Adding SSL Context to a class which extends AbstractHtmlPageAction

Hi,

is it possible to set an SSL Context on a class which extends the AbstractHtmlPageAction class?

I am creating the SSL Context as follows:
SSLContext context = SSLContext.getInstance(“TLS”);
context.init(
keyManagerFactory.getKeyManagers(),
null,
new SecureRandom()
);

and creating the Homepage just like in the Posters sample:

Homepage hompage = new Homepage(url);

Can I trigger the load page Method with the SSL Context already set? The reason why I would like to create the Hompage in this way is so that I can use the validation methods provided by HtmlPageUtils, which all take a HTMLPage as a parameter.

Kind regards,
Ivan

The WebClient of HtmlUnit manages its own instance of SSLContext internally, but some options are configurable. What exactly are you trying to achieve with your custom SSL context? Maybe I can give guidance how to get the WebClient set up to match your requirements.

So basically I am doing this:
CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(SSLContext).build();

this way every request made by the httpClient automatically sends the SSL Context with each request. Is there a way to do this for the WebClient of the HtmlUnit? To set the SSL Conext once and each request afterwards uses the SSL Context?

Hi!

The WebClient creates the SSL context internally. It cannot be set directly. But the WebClient provides various options that influence the creation of the SSL context. So in the end, we might achieve the same effect as if we were setting the context directly.

In order to connect to most HTTPS servers with valid certificates, there is no need to tamper with the SSL context. The out-of-box configuration is sufficient. But I understand that you have a need to set a custom SSL context. Typical reasons to do so are:

  • be able to connect to servers with invalid certificates
  • use a custom trust store (for example, for self-signed server certificates)
  • use a custom key store (for example, for client certificates)
  • use a limited set of protocols (for example, TLSv1.2 only)
  • use a limited set of cipher suites

All this can be configured at the WebClient. See webClient.getOptions().setXXX().

What are your reasons for a custom SSL context? Is it something from the list above or something different?

Hi,

thanks I will look into webClient.getOptions().setXXX(). I am doing this so that we can use a custom key and trust store.