List of usage examples for javax.net.ssl SSLContext getSocketFactory
public final SSLSocketFactory getSocketFactory()
From source file:org.cloudcoder.submitsvc.oop.builder.WebappSocketFactory.java
/**
 * Builds an {@link SSLSocketFactory} backed by the JKS keystore named by
 * {@code keystoreFilename}, loaded from the classpath and unlocked with
 * {@code keystorePassword}.
 *
 * <p>The same keystore initialises both the trust manager and the key manager, so the
 * trust anchors come from the store that also holds the private key.
 * NOTE(review): the original author left an open question about loading only the public
 * certificate for the trust side; a separate trust store holding just the peer or CA
 * certificate would keep key material and trust anchors apart.
 *
 * <p>Sockets created directly from an {@code SSLSocketFactory} do not check the peer's
 * host name unless the caller sets an endpoint identification algorithm on the socket's
 * {@code SSLParameters}; nothing in this method does so.
 *
 * @return socket factory of a "TLS" context using the first X.509 key and trust managers
 * @throws IOException if the keystore resource is missing or cannot be read
 * @throws GeneralSecurityException if the keystore, the manager factories or the context
 *         cannot be created or initialised
 */
private SSLSocketFactory createSocketFactory() throws IOException, GeneralSecurityException {
    InputStream keyStoreInputStream =
            this.getClass().getClassLoader().getResourceAsStream(keystoreFilename);
    if (keyStoreInputStream == null) {
        throw new IOException("Could not load keystore " + keystoreFilename);
    }

    KeyStore keyStore;
    try {
        keyStore = KeyStore.getInstance("JKS");
        keyStore.load(keyStoreInputStream, keystorePassword.toCharArray());
    } finally {
        // The stream is only needed while loading; close failures are ignored.
        IOUtils.closeQuietly(keyStoreInputStream);
    }

    // Trust side: PKIX validation against the entries of the keystore loaded above.
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
    trustManagerFactory.init(keyStore);
    TrustManager[] trustCandidates = trustManagerFactory.getTrustManagers();
    X509TrustManager x509TrustManager = null;
    for (int i = 0; i < trustCandidates.length && x509TrustManager == null; i++) {
        if (trustCandidates[i] instanceof X509TrustManager) {
            x509TrustManager = (X509TrustManager) trustCandidates[i];
        }
    }
    if (x509TrustManager == null) {
        throw new IllegalArgumentException("Cannot find x509TrustManager");
    }

    // Key side: the local identity comes from the same keystore and password.
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
    keyManagerFactory.init(keyStore, keystorePassword.toCharArray());
    KeyManager[] keyCandidates = keyManagerFactory.getKeyManagers();
    X509KeyManager x509KeyManager = null;
    for (int i = 0; i < keyCandidates.length && x509KeyManager == null; i++) {
        if (keyCandidates[i] instanceof X509KeyManager) {
            x509KeyManager = (X509KeyManager) keyCandidates[i];
        }
    }
    if (x509KeyManager == null) {
        throw new NullPointerException();
    }

    SSLContext sslContext = SSLContext.getInstance("TLS");
    // A null SecureRandom makes the context use its default source of randomness.
    sslContext.init(
            new KeyManager[] { x509KeyManager },
            new TrustManager[] { x509TrustManager },
            null);
    return sslContext.getSocketFactory();
}
From source file:org.apache.nifi.mongodb.AbstractMongoDBControllerService.java
/**
 * Creates a MongoDB client options builder with TLS switched on and the socket factory
 * taken from the supplied context.
 *
 * <p>Certificate trust for the resulting connections is whatever {@code sslContext} was
 * initialised with; this method changes no other option.
 *
 * @param sslContext context whose socket factory the client will use
 * @return the configured builder
 */
protected Builder getClientOptions(final SSLContext sslContext) {
    MongoClientOptions.Builder tlsOptions = MongoClientOptions.builder();
    tlsOptions.sslEnabled(true);
    tlsOptions.socketFactory(sslContext.getSocketFactory());
    return tlsOptions;
}
From source file:com.sonatype.nexus.ssl.plugin.internal.CertificateRetriever.java
/**
 * Retrieves the certificate chain presented by {@code host:port} over a direct TLS socket.
 *
 * <p>The context is initialised with {@code ACCEPT_ALL_TRUST_MANAGER} (defined outside this
 * listing; presumably it accepts any chain), so the handshake completes whatever the peer
 * presents. The returned certificates are therefore unauthenticated: they show what the
 * endpoint offered on this connection and need to be verified by other means (for example
 * a fingerprint confirmed out of band) before being added to a trust store.
 *
 * <p>NOTE(review): {@code createSocket(host, port)} connects without a timeout, so an
 * unresponsive host can block the calling thread.
 *
 * @param host to get certificate chain from (cannot be null)
 * @param port of host to connect to
 * @return certificate chain
 * @throws Exception Re-thrown from accessing the remote host
 */
public Certificate[] retrieveCertificates(final String host, final int port) throws Exception {
    checkNotNull(host);
    log.info("Retrieving certificate from {}:{} using direct socket connection", host, port);

    SSLSocket socket = null;
    try {
        final SSLContext acceptAllContext = SSLContext.getInstance("TLS");
        acceptAllContext.init(null, new TrustManager[] { ACCEPT_ALL_TRUST_MANAGER }, null);

        socket = (SSLSocket) acceptAllContext.getSocketFactory().createSocket(host, port);
        // Force the handshake now so the session holds the peer's chain.
        socket.startHandshake();
        return socket.getSession().getPeerCertificates();
    } finally {
        if (socket != null) {
            socket.close();
        }
    }
}
From source file:org.ojbc.web.portal.services.SamlServiceImpl.java
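/**
 * Fetches the SAML assertion referenced by the {@code Shib-Assertion-01} request header and
 * returns the root element of the parsed document.
 *
 * <p>Changes from the original: the XML parser now rejects any DOCTYPE declaration (the
 * fetched document is untrusted input and is not expected to carry one), and the response
 * stream is closed after parsing.
 *
 * <p>NOTE(review): the TLS workaround below is kept as written. It replaces the JVM-wide
 * {@link HttpsURLConnection} defaults with a trust manager and host name verifier that accept
 * everything, so every later HTTPS connection made through {@code HttpsURLConnection} in this
 * process skips certificate and host name validation, and the assertion itself is fetched
 * from an unauthenticated endpoint. Importing the endpoint's certificate into a trust store
 * addresses the PKIX failure the workaround was added for without disabling validation.
 *
 * <p>NOTE(review): the URL to fetch is taken from a request header; this presumes the
 * fronting Shibboleth SP removes client-supplied copies of that header. Confirm in the
 * deployment.
 *
 * @param request incoming request carrying the {@code Shib-Assertion-01} header
 * @return root element of the assertion document, or {@code null} when the header is absent
 * @throws Exception on TLS set-up, connection, or XML parsing failure
 */
Element retrieveAssertionFromShibboleth(HttpServletRequest request) throws Exception {
    // Note: pulled this straight from Andrew's demo JSP that displays the assertion and http request...

    /*
     * fix for Exception in thread "main" javax.net.ssl.SSLHandshakeException:
     *   sun.security.validator.ValidatorException:
     *   PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
     *   unable to find valid certification path to requested target
     */
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
    } };

    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, new java.security.SecureRandom());
    // JVM-wide default: affects every HttpsURLConnection created after this call.
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

    // Create all-trusting host name verifier
    HostnameVerifier allHostsValid = new HostnameVerifier() {
        @Override
        public boolean verify(String arg0, SSLSession arg1) {
            return true; // andrew had this as false...dont know how that would work...
        }
    };

    // Install the all-trusting host verifier (also a JVM-wide default)
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
    /*
     * end of the fix
     */

    // Hard coded to pick up a single assertion...could loop through assertion headers if
    // there will be more than one. Despite the variable name, the header value is used as
    // the URL of the assertion.
    String assertionHttpHeaderName = request.getHeader("Shib-Assertion-01");
    LOG.info("Loading assertion from: " + assertionHttpHeaderName);

    if (assertionHttpHeaderName == null) {
        LOG.warn("Shib-Assertion-01 header was null, Returning null asssertion document element");
        return null;
    }

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    // Refuse DOCTYPE declarations so external entities and entity expansion cannot be used
    // against the parser; setFeature throws if the parser does not support the feature.
    dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
    DocumentBuilder db = dbf.newDocumentBuilder();

    URL url = new URL(assertionHttpHeaderName);
    URLConnection con = url.openConnection();
    InputStream is = con.getInputStream();
    try {
        Document assertionDoc = db.parse(is);
        return assertionDoc.getDocumentElement();
    } finally {
        // The original never closed the response stream.
        is.close();
    }
}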
From source file:org.cloudcoder.builder2.server.WebappSocketFactory.java
/**
 * Builds an {@link SSLSocketFactory} from the JKS keystore configured in {@code options}.
 * The keystore is read as a classpath resource and unlocked with the configured password.
 *
 * <p>One keystore feeds both the trust manager and the key manager, so the trust anchors
 * come from the store that also contains the private key.
 * NOTE(review): the original author left an open question about loading only the public
 * certificate for the trust side; a dedicated trust store would separate the two roles.
 *
 * <p>Sockets obtained directly from an {@code SSLSocketFactory} perform no host name check
 * unless the caller sets an endpoint identification algorithm on the socket's
 * {@code SSLParameters}; this method does not configure one.
 *
 * @return socket factory of a "TLS" context using the first X.509 key and trust managers
 * @throws IOException if the keystore resource is missing or cannot be read
 * @throws GeneralSecurityException if the keystore, the manager factories or the context
 *         cannot be created or initialised
 */
private SSLSocketFactory createSocketFactory() throws IOException, GeneralSecurityException {
    final String keystoreFilename = options.getKeystoreFilename();
    final InputStream keyStoreInputStream =
            this.getClass().getClassLoader().getResourceAsStream(keystoreFilename);
    if (keyStoreInputStream == null) {
        throw new IOException("Could not load keystore " + keystoreFilename);
    }

    final String keystorePassword = options.getKeystorePassword();
    final KeyStore keyStore;
    try {
        keyStore = KeyStore.getInstance("JKS");
        keyStore.load(keyStoreInputStream, keystorePassword.toCharArray());
    } finally {
        // Only needed for loading; errors on close are ignored.
        IOUtils.closeQuietly(keyStoreInputStream);
    }

    // Trust manager: first X.509-capable manager produced for this keystore.
    final TrustManagerFactory trustManagerFactory =
            TrustManagerFactory.getInstance("PKIX", "SunJSSE");
    trustManagerFactory.init(keyStore);
    final TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
    X509TrustManager x509TrustManager = null;
    int t = 0;
    while (x509TrustManager == null && t < trustManagers.length) {
        if (trustManagers[t] instanceof X509TrustManager) {
            x509TrustManager = (X509TrustManager) trustManagers[t];
        }
        t++;
    }
    if (x509TrustManager == null) {
        throw new IllegalArgumentException("Cannot find x509TrustManager");
    }

    // Key manager: first X.509-capable manager, unlocked with the keystore password.
    final KeyManagerFactory keyManagerFactory =
            KeyManagerFactory.getInstance("SunX509", "SunJSSE");
    keyManagerFactory.init(keyStore, keystorePassword.toCharArray());
    final KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
    X509KeyManager x509KeyManager = null;
    int k = 0;
    while (x509KeyManager == null && k < keyManagers.length) {
        if (keyManagers[k] instanceof X509KeyManager) {
            x509KeyManager = (X509KeyManager) keyManagers[k];
        }
        k++;
    }
    if (x509KeyManager == null) {
        throw new NullPointerException();
    }

    final SSLContext sslContext = SSLContext.getInstance("TLS");
    // Passing null for the SecureRandom selects the context's default source.
    sslContext.init(
            new KeyManager[] { x509KeyManager },
            new TrustManager[] { x509TrustManager },
            null);
    return sslContext.getSocketFactory();
}
From source file:org.apache.hadoop.io.crypto.bee.RestClient.java
/**
 * Opens {@code url} over HTTPS with certificate chain and host name validation switched
 * off, and returns the response stream.
 *
 * <p>NOTE(review): validation is disabled by replacing the JVM-wide
 * {@link HttpsURLConnection} defaults, so every {@code HttpsURLConnection} created in this
 * process afterwards is affected, not only the one opened here. The per-connection setters
 * {@code setSSLSocketFactory} and {@code setHostnameVerifier} would confine the effect to a
 * single connection; trusting the specific server certificate through a trust store avoids
 * disabling validation at all.
 *
 * <p>NOTE(review): a failure while building the context is swallowed; the connection is
 * then opened with whatever default socket factory is currently installed.
 *
 * @param url HTTPS URL to read; the connection is cast to {@code HttpsURLConnection}
 * @return the response body stream, which the caller is responsible for closing
 * @throws IOException if the connection cannot be opened or read
 */
private InputStream httpsIgnoreCertificate(final URL url) throws IOException {
    // Trust manager whose checks are empty, so no certificate chain is ever rejected.
    final TrustManager[] acceptEverything = new TrustManager[] { new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    } };

    // Host name verifier that accepts every name, installed as the JVM-wide default.
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    });

    try {
        final SSLContext permissive = SSLContext.getInstance("TLS");
        permissive.init(null, acceptEverything, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(permissive.getSocketFactory());
    } catch (Exception e) {
        // Deliberately ignored by the original author; see the note in the method comment.
        ;
    }

    final HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    return connection.getInputStream();
}
From source file:mendhak.teamcity.stash.api.StashClient.java
/**
 * Opens a connection to {@code targetURL}. URLs starting with {@code http://} are opened as
 * they are; for anything else the method first turns off certificate chain and host name
 * validation and then opens the connection as HTTPS.
 *
 * <p>The original comment gives the reason: in-house Stash servers with self-signed
 * certificates.
 *
 * <p>NOTE(review): validation is turned off through the JVM-wide {@link HttpsURLConnection}
 * defaults, so it also applies to every other {@code HttpsURLConnection} created in the
 * process afterwards. Adding the self-signed certificate to a trust store, or applying a
 * socket factory to this one connection with {@code setSSLSocketFactory}, keeps validation
 * in place elsewhere.
 *
 * @param targetURL absolute URL of the endpoint
 * @return an unconnected connection object for the URL
 * @throws IOException if the URL is malformed or the connection cannot be created
 * @throws NoSuchAlgorithmException if the "SSL" context is unavailable
 * @throws KeyManagementException if the context cannot be initialised
 */
private HttpURLConnection GetConnection(String targetURL)
        throws IOException, NoSuchAlgorithmException, KeyManagementException {

    final URL endpoint = new URL(targetURL);

    // Plain HTTP needs no TLS set-up.
    if (targetURL.startsWith("http://")) {
        return (HttpURLConnection) endpoint.openConnection();
    }

    // Trust manager with empty checks: no certificate chain is ever rejected.
    final X509TrustManager acceptAnyChain = new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    };

    // Install it as the JVM-wide default socket factory.
    final SSLContext permissive = SSLContext.getInstance("SSL");
    permissive.init(null, new TrustManager[] { acceptAnyChain }, new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(permissive.getSocketFactory());

    // Install a JVM-wide host name verifier that accepts every name.
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    });

    return (HttpsURLConnection) endpoint.openConnection();
}
From source file:com.springsource.hq.plugin.tcserver.serverconfig.web.support.UntrustedSSLProtocolSocketFactory.java
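/**
 * Creates the factory around a "TLS" context whose only trust manager is a
 * {@code BogusTrustManager}.
 *
 * <p>{@code BogusTrustManager} is defined outside this listing; going by its name and the
 * name of this class it presumably accepts any certificate, in which case connections made
 * through this factory are not authenticated. Confirm against its source.
 *
 * <p>Set-up failures are rethrown as {@link IllegalStateException} with the underlying
 * exception attached as the cause; the original dropped the cause and kept only its message.
 *
 * @throws IllegalStateException if the TLS context cannot be obtained or initialised
 */
public UntrustedSSLProtocolSocketFactory() {
    super();
    try {
        BogusTrustManager trustMan = new BogusTrustManager();
        SSLContext tlsContext = SSLContext.getInstance("TLS");
        // No key managers and the default SecureRandom: only the trust side is customised.
        tlsContext.init(null, new X509TrustManager[] { trustMan }, null);
        this.factory = tlsContext.getSocketFactory();
    } catch (NoSuchAlgorithmException exc) {
        throw new IllegalStateException("Unable to get SSL context: " + exc.getMessage(), exc);
    } catch (KeyManagementException exc) {
        throw new IllegalStateException(
                "Unable to initialize ctx " + "with BogusTrustManager: " + exc.getMessage(), exc);
    }
}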
From source file:wsattacker.plugin.intelligentdos.requestSender.Http4RequestSenderImpl.java
/**
 * Builds a socket factory that uses a {@code TrustAllManager} and the allow-all host name
 * verifier, and also installs the underlying context's factory as the JVM-wide default for
 * {@link HttpsURLConnection}.
 *
 * <p>{@code SSLSocketFactory} here takes an {@code SSLContext} and a host name verifier, so
 * it appears to be the Apache HttpClient class rather than {@code javax.net.ssl}'s; confirm
 * against the file's imports. {@code TrustAllManager} is defined outside this listing and
 * presumably accepts any certificate.
 *
 * <p>NOTE(review): every failure is swallowed and reported only as a {@code null} return, so
 * callers have to handle {@code null}. The default-factory change outlives this call and
 * affects other {@code HttpsURLConnection} users in the same process.
 *
 * @return the permissive socket factory, or {@code null} if set-up failed
 */
private SSLSocketFactory get() {
    // Created outside the try block, as in the original, so a failure here still propagates.
    final TrustManager[] trustAllCerts = { new TrustAllManager() };

    try {
        final SSLContext permissive = SSLContext.getInstance("TLS");
        permissive.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(permissive.getSocketFactory());
        return new SSLSocketFactory(permissive, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    } catch (Exception e) {
        // Covers both of the original's empty handlers (RuntimeException and Exception).
        ;
    }
    return null;
}
From source file:it.serverSystem.HttpsTest.java
/**
 * Integration-test helper: POSTs to the login page of the server on
 * {@code https://localhost:httpsPort} without validating its certificate, checks the
 * cookie flags of the response and asserts that an HTML body came back.
 *
 * <p>The permissive socket factory and host name verifier are set on this one connection
 * only, so the JVM-wide {@link HttpsURLConnection} defaults stay untouched.
 *
 * @throws Exception on TLS set-up, connection, or read failure
 */
private void connectUntrusted() throws Exception {
    // Trust manager with empty checks: the server's certificate chain is never rejected.
    final X509TrustManager acceptAnyChain = new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    };

    // SSLv3 is disabled since SQ 4.5.2 : https://jira.codehaus.org/browse/SONAR-5860
    final SSLContext permissive = SSLContext.getInstance("TLS");
    permissive.init(null, new TrustManager[] { acceptAnyChain }, new java.security.SecureRandom());
    final SSLSocketFactory untrustedSocketFactory = permissive.getSocketFactory();

    // Verifier that accepts every host name.
    final HostnameVerifier acceptAnyHost = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    };

    final URL loginUrl = new URL("https://localhost:" + httpsPort + "/sessions/login");
    final HttpsURLConnection connection = (HttpsURLConnection) loginUrl.openConnection();
    connection.setRequestMethod("POST");
    connection.setAllowUserInteraction(true);
    // Per-connection overrides only.
    connection.setSSLSocketFactory(untrustedSocketFactory);
    connection.setHostnameVerifier(acceptAnyHost);

    final InputStream input = connection.getInputStream();
    checkCookieFlags(connection);
    try {
        final String html = IOUtils.toString(input);
        assertThat(html).contains("<body");
    } finally {
        IOUtils.closeQuietly(input);
    }
}