Disable SSL certificate validation for testing
This task outlines the process for disabling certificate validation. Do not use these settings in a production environment.
About this task
CAUTION: Disabling certificate validation should only be used for testing. Using these settings in a production environment will leave users vulnerable to man in the middle attacks.
Procedure
-
Open the service configuration file application.conf in a text editor.
Note: Use a plain text editor to avoid inserting invalid formatting or symbols into application.conf. Do not use a rich text editor such as Microsoft Word for editing configuration files.
-
Set the value for the key
ephox.http.websphere.use-ssl-config
to false andephox.http.trust-all-cert
to true.