List of usage examples for javax.net.ssl HttpsURLConnection setDefaultHostnameVerifier
public static void setDefaultHostnameVerifier(HostnameVerifier v)
HostnameVerifier inherited by a new instance of this class. From source file:org.qi4j.library.http.AbstractSecureJettyTest.java
@AfterClass public static void afterSecureClass() { HttpsURLConnection.setDefaultHostnameVerifier(defaultHostnameVerifier); HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory); }
From source file:test.integ.be.fedict.trust.XKMSTrustTest.java
@Test public void testValidateUnilateralTLSTrust() throws Exception { LOG.debug("validate using unilateral TLS Trust."); // Retrieve server public key SSLTrustManager.initialize();//from w w w . j a va2 s .c o m SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory(); SSLSocket socket = (SSLSocket) factory.createSocket(TestUtils.XKMS_WS_HOST, port); socket.startHandshake(); Certificate[] serverCerts = socket.getSession().getPeerCertificates(); PublicKey publicKey = serverCerts[0].getPublicKey(); LOG.debug("server public key: " + publicKey); socket.close(); /* * Override default verification that CN of server SSL certificate has * to be equal to the hostname. */ HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return hostname.equals(TestUtils.XKMS_WS_HOST); } }); // setup List<X509Certificate> signCertificateChain = TestUtils.getSignCertificateChain(); XKMS2Client client = new XKMS2Client( "https://" + TestUtils.XKMS_WS_HOST + ":" + port + TestUtils.XKMS_WS_CONTEXT_PATH); client.setServicePublicKey(publicKey); /* * Operate: validate non repudiation */ client.validate(TrustServiceDomains.BELGIAN_EID_NON_REPUDIATION_TRUST_DOMAIN, signCertificateChain); }
From source file:org.apache.hadoop.io.crypto.bee.RestClient.java
private InputStream httpsWithCertificate(final URL url) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException { KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null);// Make an empty store CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream fis = new FileInputStream(BeeConstants.BEE_HTTPS_CERTIFICATE_DEFAULT_PATH); BufferedInputStream bis = new BufferedInputStream(fis); while (bis.available() > 0) { Certificate cert = cf.generateCertificate(bis); // System.out.println(cert.getPublicKey().toString()); trustStore.setCertificateEntry("jetty" + bis.available(), cert); }/* w ww .j av a 2s. c o m*/ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustStore); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, tmf.getTrustManagers(), null); SSLSocketFactory sslFactory = ctx.getSocketFactory(); // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { if (0 == hostname.compareToIgnoreCase(url.getHost())) { return true; } return false; } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); urlConnection.setSSLSocketFactory(sslFactory); return urlConnection.getInputStream(); }
From source file:com.jwrapper.maven.java.JavaDownloadMojo.java
protected void setupNonVerifingSSL() throws Exception { // Create a trust manager that does not validate certificate chains final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override/*from w w w . ja va 2 s . com*/ public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(final X509Certificate[] arg0, final String arg1) throws CertificateException { } @Override public void checkServerTrusted(final X509Certificate[] arg0, final String arg1) throws CertificateException { } } }; // Install the all-trusting trust manager final SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); // Create all-trusting host name verifier final HostnameVerifier allHostsValid = new HostnameVerifier() { @Override public boolean verify(final String hostname, final SSLSession session) { return true; } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); }
From source file:com.dongfang.utils.OtherUtils.java
public static void trustAllSSLForHttpsURLConnection() { // Create a trust manager that does not validate certificate chains if (trustAllCerts == null) { trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }/*from w w w . j ava2s . c o m*/ public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; } // Install the all-trusting trust manager final SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); } catch (Throwable e) { ULog.e(e.getMessage(), e); } HttpsURLConnection .setDefaultHostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); }
From source file:net.atos.aeon.AEONSDK.java
private void Init(String subscribeUrl, String id, String desc) { this.messages = new AEONSDKMessages(); try {/* ww w . j a v a2s . c om*/ if (subscribeUrl.indexOf("/subscribe") != -1) { if (subscribeUrl.startsWith("https")) { this.webClient = ClientHelper.createClient(); SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, ClientHelper.trustAllCerts, new SecureRandom()); SocketIO.setDefaultSSLSocketFactory(sc); HttpsURLConnection.setDefaultHostnameVerifier(new RelaxedHostNameVerifier()); } else this.webClient = Client.create(); this.subscribeUrl = subscribeUrl; this.socketServer = getSocketServerEndpoint(getServerEndpoint(subscribeUrl)); this.socket = new SocketIO(socketServer); this.socket.addHeader("force_new_connection", "true"); // this.socket.addHeader("transports", "xhr-polling"); // this.socket.addHeader("polling duration", "20"); this.id = id; this.desc = desc; this.mode = "subscribe"; sioLogger.setLevel(Level.OFF); } else this.mode = "error"; } catch (MalformedURLException e) { e.printStackTrace(); this.mode = "error"; } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); this.mode = "error"; } catch (KeyManagementException e) { // TODO Auto-generated catch block e.printStackTrace(); this.mode = "error"; } }
From source file:com.ycj.android.common.utils.OtherUtils.java
public static void trustAllSSLForHttpsURLConnection() { // Create a trust manager that does not validate certificate chains if (trustAllCerts == null) { trustAllCerts = new TrustManager[]{new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }/*from w w w. j a v a 2s . co m*/ public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } }}; } // Install the all-trusting trust manager final SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); } catch (Throwable e) { LogUtils.e(e.getMessage(), e); } HttpsURLConnection.setDefaultHostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); }
From source file:edu.indiana.d2i.sloan.ui.LoginSuccessAction.java
private boolean disableSSL() { // Create empty HostnameVerifier HostnameVerifier hv = new HostnameVerifier() { public boolean verify(String urlHostName, SSLSession session) { return true; }//from ww w.j a v a 2 s.c om }; // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; // install all-trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); SSLSocketFactory sslSocketFactory = sc.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory); HttpsURLConnection.setDefaultHostnameVerifier(hv); return true; } catch (NoSuchAlgorithmException e) { logger.error(e.getMessage(), e); addActionError(e.getMessage()); return false; } catch (KeyManagementException e) { logger.error(e.getMessage(), e); addActionError(e.getMessage()); return false; } }
From source file:cn.com.infohold.p2papp.common.gate.OtherUtils.java
public static void trustAllSSLForHttpsURLConnection() { // Create a trust manager that does not validate certificate chains if (trustAllCerts == null) { trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }/*from ww w. j a va2 s . co m*/ public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; } // Install the all-trusting trust manager final SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); } catch (Throwable e) { LogUtils.e(e.getMessage(), e); } HttpsURLConnection .setDefaultHostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); }
From source file:org.apache.jmeter.util.JsseSSLManager.java
/** * Create the SSLContext, and wrap all the X509KeyManagers with * our X509KeyManager so that we can choose our alias. * * @param provider//from ww w .j a v a 2s. co m * Description of Parameter */ public JsseSSLManager(Provider provider) { log.debug("ssl Provider = " + provider); setProvider(provider); if (null == this.rand) { // Surely this is always null in the constructor? this.rand = new SecureRandom(); } try { if (SHARED_SESSION_CONTEXT) { log.debug("Creating shared context"); this.defaultContext = createContext(); } else { this.threadlocal = new ThreadLocal<>(); } HttpsURLConnection.setDefaultSSLSocketFactory(new HttpSSLProtocolSocketFactory(this, CPS)); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); /* * Also set up HttpClient defaults */ Protocol protocol = new Protocol(JsseSSLManager.HTTPS, (ProtocolSocketFactory) new HttpSSLProtocolSocketFactory(this, CPS), 443); Protocol.registerProtocol(JsseSSLManager.HTTPS, protocol); log.debug("SSL stuff all set"); } catch (GeneralSecurityException ex) { log.error("Could not set up SSLContext", ex); } log.debug("JsseSSLManager installed"); }