Hi,

I have

Code:
System.setProperty("javax.net.ssl.trustStore", location);
System.setProperty("javax.net.ssl.trustStorePassword", password);
//... some more code here

String Url = "https://server/path";
HttpURLConnection MySession = (HttpURLConnection)new URL(Url).openConnection();
//... some more code here
Via the MySession object I can communictate with the server. This all works fine. The problem is that the server uses a certificate signed by an unknown CA. In my code I can work around this problem via the setProperty commands and an own keystore I have created in 'location'.

The problem is of course that I cannot ask every user to create a personal keystore. The network communication is always to this server, so it is not the user who chooses a server it is a hardcoded server. The end user should not worry if the certificate is validated or not. I know some people would argue that this is a security issue, but at the end they are trusting my application as well. Please try avoiding discussing this aspect ;-)

The question is now how can I communicate with the server without these issues?

Can I somehow tell the coding to ignore certificate issues?
Can I somehow import the root certificate into my application that the user doesn't have to deal with it?

Thanks.