Inspectopedia Help

Call to SSLCertificateSocketFactory.getInsecure()

Call to SSLCertificateSocketFactory.getInsecure()

The SSLCertificateSocketFactory.getInsecure() method returns an SSLSocketFactory with all TLS/SSL security checks disabled, which could result in insecure network traffic caused by trusting arbitrary TLS/SSL certificates presented by peers. This method should be avoided unless needed for a special circumstance such as debugging. Instead, SSLCertificateSocketFactory.getDefault() should be used.

Issue id: SSLCertificateSocketFactoryGetInsecure

Inspection Details

Available in:

IntelliJ IDEA 2023.3, Qodana for Android 2023.3, Qodana for JVM 2023.3


Android, 2022.3.1 Beta 2

Last modified: 13 July 2023