If you're like me and every other user on the planet, you don't give a shit when an SSL certificate doesn't validate.  Unfortunately, commons-httpclient was written by some pedantic fucknozzles who have never tried to fetch real-world webpages.

If you want to turn off SSL certificate validation in httpclient, do this:

1. Put not-yet-commons-ssl.jar on your classpath.
2. Execute the following method before you start any SSL connections:

public static void trustAllCerts() throws GeneralSecurityException, IOException {
	ProtocolSocketFactory sf = new EasySSLProtocolSocketFactory();
	Protocol p = new Protocol("https", sf, 443);
	Protocol.registerProtocol("https", p);
This essentially makes commons-httpclient accept every SSL certificate it gets.  Yeah, that's what I thought. Who's bitching now?