java: how to manually add certificate string for HttpsURLConnection

This is the "my way" to add certificate string for https during handshake.

Copy paste this method/function:

    String certString = "-----BEGIN CERTIFICATE-----\r\n" +
            "MIIGTTCCBTWgAwIBAgIQYwFvKKkENw6AprzeTBQWoDANBgkqhkiG9w0BAQsFADBy\r\n" +
            "MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT\r\n" +
            "BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp\r\n" +
            "ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MTExMDAwMDAwMFoXDTIwMDIwODIzNTk1\r\n" +
            "OVowGjEYMBYGA1UEAxMPZ2FyYXNpa3Uud2ViLmlkMIIBIjANBgkqhkiG9w0BAQEF\r\n" +
            "AAOCAQ8AMIIBCgKCAQEAyO2lGVYVAUE/KNuIds4tg1aG3FsDURt+Qn/dN3Fc00G3\r\n" +
            "rj8+afglg64J7gOL+FR+3o11W+rPffRiN62PAHOTQH5A3b4poIEsFJf6SDTNAuvo\r\n" +
            "v+fffSG8AdjBDtR/G3s994HruhOkX19ucn/0HpxAXD1W3arTSKKdA8ZdQwMqZtNT\r\n" +
            "1wEujfHt3LEYDL7rDE2crqOw+6H05kJV7kzDPjoMjjGE7AiUlDA//t1okQrWft/9\r\n" +
            "soG1Tb7+W29clqZ7UzEeWyFGldknDhGf7vsth0Uz3QAOsqihs+ZcmEsnzLA1vgtj\r\n" +
            "VZcXj49RBCSaHEKUTIEGsTlZZIA8VNt6nXkjnR2WLwIDAQABo4IDNTCCAzEwHwYD\r\n" +
            "VR0jBBgwFoAUfgNaZUFrp34K4bidCOodjh1qx2UwHQYDVR0OBBYEFKamNJ13mwWn\r\n" +
            "rXhh4JobK8WM1UO0MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud\r\n" +
            "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEB\r\n" +
            "AgI0MCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeB\r\n" +
            "DAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9j\r\n" +
            "UGFuZWxJbmNDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB9BggrBgEFBQcBAQRx\r\n" +
            "MG8wRwYIKwYBBQUHMAKGO2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL2NQYW5lbElu\r\n" +
            "Y0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8v\r\n" +
            "b2NzcC5jb21vZG9jYS5jb20wgZEGA1UdEQSBiTCBhoIPZ2FyYXNpa3Uud2ViLmlk\r\n" +
            "ghZjcGFuZWwuZ2FyYXNpa3Uud2ViLmlkghRtYWlsLmdhcmFzaWt1LndlYi5pZIIX\r\n" +
            "d2ViZGlzay5nYXJhc2lrdS53ZWIuaWSCF3dlYm1haWwuZ2FyYXNpa3Uud2ViLmlk\r\n" +
            "ghN3d3cuZ2FyYXNpa3Uud2ViLmlkMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA\r\n" +
            "B7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwAAAFuUzNi8wAABAMARzBF\r\n" +
            "AiAbXbHwluE3WNCuaDRm4LJ14nhviOaenKJm8+lDXX3xwwIhAMwZYecq6gb1aIkl\r\n" +
            "hqCiXHJXhzRnfRTWj0a7Srv5iEieAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIS\r\n" +
            "hBh1loFxRVgAAAFuUzNi9QAABAMARzBFAiAnBf9n13w3nAS0Jw/R6rzOwwIlQcPv\r\n" +
            "E6SJcfN8/FuoFAIhAPYow52uuEEt7SzFCxnws35AgRvtB6VKEk4WRb3SoBt7MA0G\r\n" +
            "CSqGSIb3DQEBCwUAA4IBAQAropPbjHNwq+/91cdzmRPQW+fXVi4yroDzjggG+paL\r\n" +
            "ul62XbpgWMeX4bjskEAuG0jbOiejAZFMMcdTGGIrmAw/ErcQ3U2AB4k3ilkOr5vr\r\n" +
            "RX3dguPCDmZ12CDBpdSLfYVBKDQRXX/DNsuePr4vOS09XBMNJJdBBRvNW0jKh6Q+\r\n" +
            "nRY/fmJSfRy9U7GF2QyGt9Ni2nphMwobW/UDOy0yHBEar0Fe+QP0sbmeNW9koCid\r\n" +
            "gvDGs+Pm6tcG3KtcCpwGR1nWvFT6hvirYrxPbD3EzSBYzPBpD+LBZghe+06Ib8U9\r\n" +
            "9Oug2n9mIHXsrSXDVXufaaOyWdch1yfAhuFWR5oEkZU3\r\n" +
            "-----END CERTIFICATE-----"; // https://garasiku.web.id
    
    private SSLContext createSSLContext( ) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        // https://developer.android.com/training/articles/security-ssl
        // Load CAs from an InputStream
        // (could be from a resource or ByteArrayInputStream or ...)
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // From https://www.washington.edu/itconnect/security/ca/load-der.crt
        //InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt")); // load from file
        InputStream caInput = new ByteArrayInputStream(certString.getBytes("UTF-8"));
        Certificate ca;
        try {
            ca = cf.generateCertificate(caInput);
            //System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
        } finally {
            caInput.close();
        }

        // Create a KeyStore containing our trusted CAs
        String keyStoreType = KeyStore.getDefaultType();
        KeyStore keyStore = KeyStore.getInstance(keyStoreType);
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", ca);

        // Create a TrustManager that trusts the CAs in our KeyStore
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(keyStore);

        // Create an SSLContext that uses our TrustManager
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null);

        return context;
        // Tell the URLConnection to use a SocketFactory from our SSLContext
        //URL url = new URL("https://certs.cac.washington.edu/CAtest/");
        //HttpsURLConnection urlConnection =
        //    (HttpsURLConnection)url.openConnection();
        //urlConnection.setSSLSocketFactory(context.getSocketFactory());
        //InputStream in = urlConnection.getInputStream();
        //copyInputStreamToOutputStream(in, System.out);
        
    }

Using this method

        // 1 Create Url connection
        mUrl = new URL(mUrlStr);
        
        // 2 Retrieve the URLConnection object
        mHttpsURLConnection = (HttpsURLConnection) mUrl.openConnection();

        // 2020 01 04
        // manual add certificate string
        try {
            mHttpsURLConnection.setSSLSocketFactory(createSSLContext().getSocketFactory());
        } catch (CertificateException | KeyStoreException e) {
            // TODO Auto-generated catch block
            //e.printStackTrace();
        }
        

For more detail code https://github.com/dedetok/php-simple-json/blob/master/java/myca/dedetok/com/MyConnection.java