---
title: TrustAllManager
description: Blindly trusts all server certificates presented the servers for protected applications. Use this only in tests where you can trust server certificates that were not signed by a well-known CA, such as self-signed certificates.
component: pinggateway
version: 2026
page_id: pinggateway:reference:TrustAllManager
canonical_url: https://docs.pingidentity.com/pinggateway/2026/reference/TrustAllManager.html
revdate: 2025-12-11
section_ids:
  TrustAllManager-usage: Usage
  TrustAllManager-example: Example
  TrustAllManager-moreinfo: More information
---

# TrustAllManager

Blindly trusts all server certificates presented the servers for protected applications. Use this only in tests where you can trust server certificates that were not signed by a well-known CA, such as self-signed certificates.

|   |                                                    |
| - | -------------------------------------------------- |
|   | The TrustAllManager isn't safe for production use. |

## Usage

```json
{
    "name": string,
    "type": "TrustAllManager"
}
```

## Example

The following example configures a handler that blindly trusts server certificates and doesn't verify hostnames when PingGateway connects to servers over HTTPS:

```json
{
    "name": "BlindTrustReverseProxyHandler",
    "type": "ReverseProxyHandler",
    "config": {
        "tls": {
            "type": "ClientTlsOptions",
            "config": {
                "trustManager": {
                    "type": "TrustAllManager"
                },
                "hostnameVerifier": "ALLOW_ALL"
            }
        }
    }
}
```

## More information

[org.forgerock.openig.security.TrustAllManager](../_attachments/apidocs/org/forgerock/openig/security/TrustAllManager.html)