Use HttpURLConnection to get a page with a self-signed certficate

I'm using this code to 开发者_如何学Cdownload the timeline page from our local Trac system:

HttpURLConnection con = (HttpURLConnection) TRAC_TIMELINE_URL.openConnection();
String userpassword = TRAC_USERNAME + ":" + TRAC_PASS;
String encodedAuthorization = new String(Base64.encodeBase64(
        userpassword.getBytes(Charsets.ASCII)), Charsets.ASCII);
con.setRequestProperty("Authorization", "Basic " + encodedAuthorization);
InputStream ins = con.getInputStream();

Because the Trac server is accessed via HTTPS but has a self-signed certificate, I get the following exception on the call to getInputStream:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What's the quickest way to make it work? I'm fine with just ignoring the certificate correctness altogether, because this request is going to be made over the LAN.

At the very least, you need to make sure that the public certificate that matches the private certificate used by your Trac system (or the certificate of the CA that signed that server cert) is in your truststore. It's a requirement of the Java SSL libraries that there is a chain of trust to a known trust-root (verifying a binding between the DN of the server cert and the requested hostname is optional, though highly recommended for normal HTTPS).