Disable TLS/SSL check in Google App Engine - Java

[xybrek]

My app is getting this error when accessing a HTTPS resource:

    javax.net.ssl.SSLHandshakeException: Could not verify SSL certificate for URL: https://some.where/

            at com.google.appengine.api.urlfetch.URLFetchServiceImpl.convertApplicationException(URLFetchServiceImpl.java:175)

            at com.google.appengine.api.urlfetch.URLFetchServiceImpl.fetch(URLFetchServiceImpl.java:45)

            at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.fetchResponse(URLFetchServiceStreamHandler.java:543)

            at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getInputStream(URLFetchServiceStreamHandler.java:422)

            at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getResponseCode(URLFetchServiceStreamHandler.java:275)

What can be done so GAE would not check of SSL since in my current purpose for the app, it does not care if it connects via HTTP or HTTPS, so in my case I just want to disable SSL check.

I am running the application from Windows (Linux does not throw  the error above)

Already I have modifiied the *dev_appserver.cmd* like this:

    java -Ddeployment.security.TLSv1.1=false -Ddeployment.security.TLSv1.2=false -cp "%~dp0\..\lib\appengine-tools-api.jar" ^

        com.google.appengine.tools.KickStart ^

           com.google.appengine.tools.development.DevAppServerMain %*

Also in the application itself this is set:

    FetchOptions fetchOptions = FetchOptions.Builder.doNotValidateCertificate();

    HTTPRequest request = new HTTPRequest(getUrl, HTTPMethod.GET, fetchOptions)

What could be wrong with Windows that it throws the error whereas in Linux there is no problem? 

[Katayoon (Cloud Platform Support)]

Apparently, this issue is caused by Java 7 itself only using TLS v1 by default, and you need to explicitly enable v1.2 (JDK 8 uses TLS 1.2 by default). This behavior is noted by PayPal on GitHub.  

This issue is already reported in the public tracker, with a mentioned workaround in Stack Overflow, though I have not had the opportunity to test this workaround. For further support on this issue, I encourage you to star Issue 35900204 and put your comment there since Google Groups are reserved for general product discussions and are not for reporting issues.

PS. I should also note that Java 7 runtime support was deprecated on December 13, 2017, and will be shut down entirely on January 16, 2019. So I recommend to migrate from Java 7 to Java 8 Runtime by following this guide.

[xybrek]

Hello, yes in fact the problem was solved when the JVM got upgraded to Java 8. Thanks for the answer.