importPackage(org.apache.http.client);
importPackage(org.apache.http.client.methods);
importPackage(org.apache.http.impl.client);
importPackage(org.apache.http.conn.scheme);
importClass(com.cloupia.lib.cIaaS.vcd.api.FakeSSLSocketFactory);
importPackage(org.apache.http.impl.conn.tsccm);
importPackage(org.apache.http.util);
importPackage(javax.net.ssl);
importPackage(org.apache.http.auth);
function getIgnoreSSLClient() {
var registry = new SchemeRegistry();
//------------WARNING-------------------//
//Certificate verification will be skipped. This may cause man-in-the-middle
//attack as using a malicious host acting like a trusted host. User to modify
//FakeSSLSocketFactory implementation to do strick server certificate validation.
registry.register(new Scheme("https", 443, FakeSSLSocketFactory.getInstance()));
var mgr = new ThreadSafeClientConnManager(registry);
var httpclient = new DefaultHttpClient(mgr);
var auth = new AuthScope(fill in as usual);
var creds = new UsernamePasswordCredentials(fill in as usual);
httpclient.getCredentialsProvider().setCredentials(auth, creds);
return httpclient;
}
Additional Links: