public static CloseableHttpClient acceptsUntrustedCertsHttpClient() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {

        HttpClientBuilder b = HttpClientBuilder.create();

        // setup a Trust Strategy that allows all certificates.

        //

        SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

            public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {

                return true;

            }

        }).build();

        b.setSslcontext( sslContext);

        // don't check Hostnames, either.

        //      -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want to weaken

        HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;

        // here's the special part:

        //      -- need to create an SSL Socket Factory, to use our weakened "trust strategy";

        //      -- and create a Registry, to register it.

        //

        SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);

        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()

                .register("http", PlainConnectionSocketFactory.getSocketFactory())

                .register("https", sslSocketFactory)

                .build();

        // now, we create connection-manager using our Registry.

        //      -- allows multi-threaded use

        PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager( socketFactoryRegistry);

        b.setConnectionManager( connMgr);

        // finally, build the HttpClient;

        //      -- done!

        CloseableHttpClient client = b.build();

        return client;

    }