List of usage examples for javax.net.ssl SSLContext init
public final void init(KeyManager[] km, TrustManager[] tm, SecureRandom random) throws KeyManagementException
From source file:org.forgerock.openig.http.HttpClient.java
/** * Returns a new SSL socket factory that does not perform hostname verification. * * @param keyManagerFactory/* w w w . ja va 2s .c om*/ * Provides Keys/Certificates in case of SSL/TLS connections * @param trustManagerFactory * Provides TrustManagers in case of SSL/TLS connections * @throws GeneralSecurityException * if the SSL algorithm is unsupported or if an error occurs during SSL configuration */ private static SSLSocketFactory newSSLSocketFactory(final KeyManagerFactory keyManagerFactory, final TrustManagerFactory trustManagerFactory) throws GeneralSecurityException { SSLContext context = SSLContext.getInstance("TLS"); context.init((keyManagerFactory == null) ? null : keyManagerFactory.getKeyManagers(), (trustManagerFactory == null) ? null : trustManagerFactory.getTrustManagers(), null); SSLSocketFactory factory = new SSLSocketFactory(context); factory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return factory; }
From source file:io.apiman.gateway.platforms.servlet.connectors.ssl.SSLSessionStrategyFactory.java
/** * <strong><em>Do not use in production</em></strong> * <p>/* w ww .j av a2 s . co m*/ * Returns an SSLSessionStrategy that trusts any Certificate. * <p> * Naturally, this is vulnerable to a raft of MIITM and forgery attacks, so users should exercise extreme * caution and only use it for development purposes. * * @return the ssl strategy */ public static SSLSessionStrategy buildUnsafe() { System.err.println("ATTENTION: SSLSessionStrategy will trust *any* certificate." //$NON-NLS-1$ + " This is extremely unsafe for production. Caveat utilitor!"); //$NON-NLS-1$ try { SSLContext sslContext = SSLContext.getInstance("TLS"); //$NON-NLS-1$ // This accepts anything. sslContext.init(null, new X509TrustManager[] { new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } } }, new SecureRandom()); return new SSLSessionStrategy(ALLOW_ANY, sslContext.getSocketFactory()); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:com.sckftr.android.utils.net.Network.java
private static SSLSocketFactory getAllHostsValidSocketFactory() throws NoSuchAlgorithmException, KeyManagementException { if (sAllHostsValidSocketFactory == null) { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; }//from w w w . jav a 2s. c om public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); sAllHostsValidSocketFactory = sc.getSocketFactory(); } return sAllHostsValidSocketFactory; }
From source file:io.kodokojo.brick.gitlab.GitlabConfigurer.java
public static OkHttpClient provideDefaultOkHttpClient() { OkHttpClient httpClient = new OkHttpClient(); final TrustManager[] certs = new TrustManager[] { new X509TrustManager() { @Override//from www . ja v a 2 s. co m public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { } @Override public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { } } }; SSLContext ctx = null; try { ctx = SSLContext.getInstance("TLS"); ctx.init(null, certs, new SecureRandom()); } catch (final java.security.GeneralSecurityException ex) { // } httpClient.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String s, SSLSession sslSession) { return true; } }); httpClient.setSslSocketFactory(ctx.getSocketFactory()); CookieManager cookieManager = new CookieManager(new GitlabCookieStore(), CookiePolicy.ACCEPT_ALL); httpClient.setCookieHandler(cookieManager); httpClient.setReadTimeout(2, TimeUnit.MINUTES); httpClient.setConnectTimeout(1, TimeUnit.MINUTES); httpClient.setWriteTimeout(1, TimeUnit.MINUTES); return httpClient; }
From source file:com.sun.identity.proxy.client.ClientHandler.java
/** * Returns a new SSL socket factory that does not perform hostname * verification./*from ww w .j a v a2 s. c om*/ * * @return the new SSL socket factory. */ private static SSLSocketFactory newSSLSocketFactory() { SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); } catch (NoSuchAlgorithmException nsae) { throw new IllegalStateException(nsae); // TODO: handle this better? } try { sslContext.init(null, null, null); } catch (KeyManagementException kme) { throw new IllegalStateException(kme); // TODO: handle this better? } SSLSocketFactory sslSocketFactory = new SSLSocketFactory(sslContext); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sslSocketFactory; }
From source file:es.uvigo.ei.sing.jarvest.core.HTTPUtils.java
private static SSLContext createEasySSLContext() { try {// w w w. j a va2 s.co m SSLContext context = SSLContext.getInstance("SSL"); context.init(null, new TrustManager[] { new EasyX509TrustManager(null) }, null); return context; } catch (Exception e) { throw new HttpClientError(e.toString()); } }
From source file:org.eclipse.lyo.testsuite.server.util.OSLCUtils.java
static public void setupLazySSLSupport(HttpClient httpClient) { ClientConnectionManager connManager = httpClient.getConnectionManager(); SchemeRegistry schemeRegistry = connManager.getSchemeRegistry(); schemeRegistry.unregister("https"); /** Create a trust manager that does not validate certificate chains */ TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { /** Ignore Method Call */ }//from ww w . ja v a2 s .c o m public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { /** Ignore Method Call */ } public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } } }; SSLContext sc = null; try { sc = SSLContext.getInstance("SSL"); //$NON-NLS-1$ sc.init(null, trustAllCerts, new java.security.SecureRandom()); } catch (NoSuchAlgorithmException e) { /* Fail Silently */ } catch (KeyManagementException e) { /* Fail Silently */ } SSLSocketFactory sf = new SSLSocketFactory(sc); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme https = new Scheme("https", sf, 443); schemeRegistry.register(https); }
From source file:org.forgerock.openig.handler.ClientHandler.java
/** * Returns a new SSL socket factory that does not perform hostname verification. */// ww w . j a v a 2 s . co m private static SSLSocketFactory newSSLSocketFactory() { SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); } catch (NoSuchAlgorithmException nsae) { throw new IllegalStateException(nsae); } try { sslContext.init(null, null, null); } catch (KeyManagementException kme) { throw new IllegalStateException(kme); } SSLSocketFactory sslSocketFactory = new SSLSocketFactory(sslContext); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sslSocketFactory; }
From source file:com.ah.be.common.PresenceUtil.java
public static HttpClient getHttpClientInstance(int maxConnections) { try {// w w w. ja va 2 s . com SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, new TrustManager[] { new ClientTrustManager() }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); schemeRegistry.register(new Scheme("https", 443, ssf)); PoolingClientConnectionManager connMgr = new PoolingClientConnectionManager(schemeRegistry); connMgr.setMaxTotal(maxConnections); connMgr.setDefaultMaxPerRoute(maxConnections); HttpParams params = new BasicHttpParams(); HttpConnectionParams.setConnectionTimeout(params, SOCKET_TIMEOUT); HttpConnectionParams.setSoTimeout(params, SOCKET_TIMEOUT); HttpClient httpClient = new DefaultHttpClient(connMgr, params); return httpClient; } catch (Exception e) { log.error("getHttpClientInstance error.", e); return null; } }
From source file:org.tellervo.desktop.wsi.WebJaxbAccessor.java
public static void setSelfSignableHTTPSScheme(HttpClient client) { if (selfSignableHTTPSScheme == null) { try {/* w w w . j a v a2 s . c om*/ // make a new SSL context SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); // make a new socket factory SSLSocketFactory socketFactory = new SSLSocketFactory(sc); // register the scheme with the connection selfSignableHTTPSScheme = new Scheme("https", socketFactory, 443); } catch (Exception e) { // don't do anything; we'll just get errors later. return; } } client.getConnectionManager().getSchemeRegistry().register(selfSignableHTTPSScheme); }