Metadata

ID: java-security/no-trust-strategy

Language: Java

Severity: Info

Category: Best Practices

Description

This rule flags the use of TrustStrategy implementations such as TrustSelfSignedStrategy and TrustAllStrategy that accept certificates without proper validation. These strategies inherently trust certificates blindly, which undermines the security guarantees of SSL/TLS connections and exposes applications to man-in-the-middle attacks.

Using such TrustStrategies is dangerous because it bypasses critical certificate verification steps, allowing potentially untrusted or malicious certificates to be accepted. This can lead to sensitive data exposure, unauthorized access, and other security vulnerabilities in your application.

To comply with this rule, avoid using TrustStrategies that indiscriminately trust certificates. Instead, ensure that your SSLContext is configured with proper trust material that enforces rigorous certificate validation.

Non-Compliant Code Examples

import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.conn.ssl.TrustAllStrategy;

public class ContextMaker {
    public static SSLContext makeSelfSigned() {
        return SSLContext.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
    }

    public static SSLContext makeAll() {
        TrustStrategy strategy = new TrustAllStrategy();
        return SSLContext.custom().loadTrustMaterial(null, strategy).build();
    }

    public static SSLContext makeSelfSignedFullName() {
        return SSLContext.custom().loadTrustMaterial(null, new org.apache.http.conn.ssl.TrustSelfSignedStrategy()).build();
    }

}

Compliant Code Examples

import javax.net.ssl.SSLContext;

public class ContextMaker {
    public static SSLContext makeSecure() throws Exception {
        // Safe: using default trust material with proper certificate validation
        return SSLContext.getDefault();
    }
}

Seamless integrations. Try Datadog Code Security

Datadog Code Security