WeakSSL
Dependency:
compile "org.grails.plugins:weak-ssl:1.3"
Summary
This plugin deliberately breaks SSL for you by acceptingany SSL certificate.
Installation
$ grails install-plugin weak-ssl
Description
Makes Java/Groovy work with self-signed certificates or other malformed SSL certificates. It is useful for working in development environments or test environments where you have a generated SSL certificate. Notice one of the modules detects the Grails test mode and reads the Grails generated SSL cert and provides an SSL exception for it.By default this plugin deactivates itself in production environments and only adds exceptions for SSL certificates served by localhost. You may choose to override this behavior.
produces this error
To fix this problem in development and test environments install this plugin.now run in https mode
If the trustAll mode is used in production, the grails app will print a warning statement that the trusting provider is enabled in a production environment then proceed as if it were in a test or development environment.
use case
If you are running an application in test that uses SSL and you attempt to connect to your own host over SSL in your code, you will get an error. That's because grails is using a self generated SSL certificate.For example:def text = new URL("https://localhost:8443/${myapp}").text
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
$ grails install-plugin weak-ssl
$ grails run-app -https
trust certain hosts
Configure a list of trusted host names. These are hosts that we will trust the certificates from even if they are self-signed.Config.groovyweakssl.trustedhosts = ['myhost','myotherhost','localhost','someotherhost']
trust all
Force trusted mode SSL to work in all contexts. The trustAll setting breaks the SSL certificate provider causing Java to trust all certificates presented to it. I strongly caution against using this mode in production.Config.groovytrustAll = true