The following code snippet will help you to disables the SSL certificate checking for new instances of HttpsURLConnection in Android.

Note: You can use this code for testing purpose only and remove when moving to production. Trusting all certificate in production will expose your box for hackers.

public void trustAllCertificates() {
    try {
        TrustManager[] trustAllCerts = new TrustManager[]{
                new X509TrustManager() {
                    public X509Certificate[] getAcceptedIssuers() {
                        X509Certificate[] myTrustedAnchors = new X509Certificate[0];
                        return myTrustedAnchors;

                    public void checkClientTrusted(X509Certificate[] certs, String authType) {

                    public void checkServerTrusted(X509Certificate[] certs, String authType) {

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
    } catch (Exception e) {
Tagged in : Android Java


A blogger, a bit of tech freak and a software developer. He is a thought leader in the fusion of design and mobile technologies. He is the author of Xamarin Mobile Application Development for Android Book (, DZone MVB and founder of

Join The Discussion

Please note: We reserve the right to delete comments that contains snarky remarks, offensive or off-topic. To know more read our comments policy.