remove ability to disable cert chain validation

[aai/rest-client.git] / src / main / java / org / onap / aai / restclient / rest / RestClientBuilder.java

diff --git a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
index 310a059..26c5fdf 100644 (file)
--- a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
+++ b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
@@ -201,28 +201,12 @@ public class RestClientBuilder {
     // Check to see if we need to perform proper validation of\r
     // the certificate chains.\r
     TrustManager[] trustAllCerts = null;\r
-    if (validateServerCertChain) {\r
       if (truststoreFilename != null) {\r
         System.setProperty(TRUST_STORE_PROPERTY, truststoreFilename);\r
       } else {\r
         throw new IllegalArgumentException("Trust store filename must be set!");\r
       }\r
 \r
-    } else {\r
-\r
-      // We aren't validating certificates, so create a trust manager that does\r
-      // not validate certificate chains.\r
-      trustAllCerts = new TrustManager[] {new X509TrustManager() {\r
-        public X509Certificate[] getAcceptedIssuers() {\r
-          return null;\r
-        }\r
-\r
-        public void checkClientTrusted(X509Certificate[] certs, String authType) {}\r
-\r
-        public void checkServerTrusted(X509Certificate[] certs, String authType) {}\r
-      }};\r
-    }\r
-\r
     // Set up the SSL context, keystore, etc. to use for our connection\r
     // to the AAI.\r
     SSLContext ctx = SSLContext.getInstance(sslProtocol);\r