List of usage examples for javax.net.ssl TrustManagerFactory getInstance
public static final TrustManagerFactory getInstance(String algorithm) throws NoSuchAlgorithmException
TrustManagerFactory object that acts as a factory for trust managers. From source file:org.everit.osgi.authentication.cas.tests.SecureHttpClient.java
public SecureHttpClient(final String principal, final BundleContext bundleContext) throws Exception { this.principal = principal; httpClientContext = HttpClientContext.create(); httpClientContext.setCookieStore(new BasicCookieStore()); KeyStore trustStore = KeyStore.getInstance("jks"); trustStore.load(bundleContext.getBundle().getResource("/jetty-keystore").openStream(), "changeit".toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, trustManagers, new SecureRandom()); httpClient = HttpClientBuilder.create().setSslcontext(sslContext) .setRedirectStrategy(new DefaultRedirectStrategy()).build(); }
From source file:ch.admin.vbs.cube.core.webservice.CubeSSLSocketFactory.java
/** * Create a new SSL socket factory.//from ww w . java 2 s. c o m * * @param keyStoreBuilder * the key store builder * @param trustStore * the trust store * @param checkRevocation * <code>true</code> if certificate revocations should be * checked, else <code>false</code> * @throws WebServiceException * if the creation failed */ public static SSLSocketFactory newSSLSocketFactory(KeyStore.Builder keyStoreBuilder, KeyStore trustStore, boolean checkRevocation) throws WebServiceException { KeyManagerFactory keyManagerFactory; try { keyManagerFactory = KeyManagerFactory.getInstance("NewSunX509"); } catch (NoSuchAlgorithmException e) { String message = "Unable to create key manager factory"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } KeyStoreBuilderParameters keyStoreBuilderParameters = new KeyStoreBuilderParameters(keyStoreBuilder); try { keyManagerFactory.init(keyStoreBuilderParameters); } catch (InvalidAlgorithmParameterException e) { String message = "Unable to initialize key manager factory"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } TrustManagerFactory trustManagerFactory; try { trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); } catch (NoSuchAlgorithmException e) { String message = "Unable to create trust manager factory"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } PKIXBuilderParameters pkixBuilderParameters; try { pkixBuilderParameters = new PKIXBuilderParameters(trustStore, null); } catch (KeyStoreException e) { String message = "The trust store is not initialized"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } catch (InvalidAlgorithmParameterException e) { String message = "The trust store does not contain any trusted certificate"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } catch (NullPointerException e) { String message = "The trust store is null"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } pkixBuilderParameters.setRevocationEnabled(checkRevocation); CertPathTrustManagerParameters certPathTrustManagerParameters = new CertPathTrustManagerParameters( pkixBuilderParameters); try { trustManagerFactory.init(certPathTrustManagerParameters); } catch (InvalidAlgorithmParameterException e) { String message = "Unable to initialize trust manager factory"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); } catch (NoSuchAlgorithmException e) { String message = "Unable to create SSL context"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } try { sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); } catch (KeyManagementException e) { String message = "Unable to initialize SSL context"; LOG.error(message + ": " + e.getMessage()); throw new WebServiceException(message, e); } SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); return sslSocketFactory; }
From source file:org.gw2InfoViewer.factories.HttpsConnectionFactory.java
public static HttpClient getHttpsClient(byte[] sslCertificateBytes) { DefaultHttpClient httpClient;//from w w w .j a v a2 s. c om Certificate[] sslCertificate; httpClient = new DefaultHttpClient(); try { sslCertificate = convertByteArrayToCertificate(sslCertificateBytes); TrustManagerFactory tf = TrustManagerFactory.getInstance("X509"); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null); for (int i = 0; i < sslCertificate.length; i++) { ks.setCertificateEntry("StartCom" + i, sslCertificate[i]); } tf.init(ks); TrustManager[] tm = tf.getTrustManagers(); SSLContext sslCon = SSLContext.getInstance("SSL"); sslCon.init(null, tm, new SecureRandom()); SSLSocketFactory socketFactory = new SSLSocketFactory(ks); Scheme sch = new Scheme("https", 443, socketFactory); httpClient.getConnectionManager().getSchemeRegistry().register(sch); } catch (CertificateException | NoSuchAlgorithmException | KeyStoreException | IOException | KeyManagementException | UnrecoverableKeyException ex) { Logger.getLogger(HttpsConnectionFactory.class.getName()).log(Level.SEVERE, null, ex); } return httpClient; }
From source file:com.mani.fileupload.http.EasySSLSocketFactory.java
private static SSLContext createEasySSLContext() throws IOException { try {/*from ww w . j a va 2 s . c om*/ // Client should send the valid key to Server InputStream clientStream = null; char[] password = null; clientStream = FileUploadApplication.getContext().getResources().openRawResource(R.raw.client); password = "fileupload".toCharArray(); KeyStore keyStore = KeyStore.getInstance("PKCS12"); keyStore.load(clientStream, password); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, password); // CA key obtained from server. KeyStore trustStore = KeyStore.getInstance("BKS"); InputStream instream = null; instream = FileUploadApplication.getContext().getResources().openRawResource(R.raw.ca); try { trustStore.load(instream, "casecret".toCharArray()); } catch (Exception e) { e.printStackTrace(); } finally { try { instream.close(); } catch (Exception ignore) { } } String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(trustStore); // Create an SSLContext that uses our TrustManager SSLContext context = SSLContext.getInstance("TLS"); context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null); return context; } catch (Exception e) { e.printStackTrace(); throw new IOException(e.getMessage()); } }
From source file:ddf.security.common.util.CommonSSLFactory.java
/** * Creates a new SSLSocketFactory from a truststore and keystore. This is used during SSL * communication.//from ww w . ja v a 2s .co m * * @param trustStoreLoc * File path to the truststore. * @param trustStorePass * Password to the truststore. * @param keyStoreLoc * File path to the keystore. * @param keyStorePass * Password to the keystore. * @return new SSLSocketFactory instance containing the trust and key stores. * @throws IOException */ public static SSLSocketFactory createSocket(String trustStoreLoc, String trustStorePass, String keyStoreLoc, String keyStorePass) throws IOException { String methodName = "createSocket"; logger.debug("ENTERING: " + methodName); try { logger.debug("trustStoreLoc = " + trustStoreLoc); FileInputStream trustFIS = new FileInputStream(trustStoreLoc); logger.debug("keyStoreLoc = " + keyStoreLoc); FileInputStream keyFIS = new FileInputStream(keyStoreLoc); // truststore stuff KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); try { logger.debug("Loading trustStore"); trustStore.load(trustFIS, trustStorePass.toCharArray()); } catch (CertificateException e) { throw new IOException("Unable to load certificates from truststore. " + trustStoreLoc, e); } finally { IOUtils.closeQuietly(trustFIS); } TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustStore); logger.debug("trust manager factory initialized"); // keystore stuff KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); try { logger.debug("Loading keyStore"); keyStore.load(keyFIS, keyStorePass.toCharArray()); } catch (CertificateException e) { throw new IOException("Unable to load certificates from keystore. " + keyStoreLoc, e); } finally { IOUtils.closeQuietly(keyFIS); } KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, keyStorePass.toCharArray()); logger.debug("key manager factory initialized"); // ssl context SSLContext sslCtx = SSLContext.getInstance("TLS"); sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); sslCtx.getDefaultSSLParameters().setNeedClientAuth(true); sslCtx.getDefaultSSLParameters().setWantClientAuth(true); logger.debug(exiting + methodName); return sslCtx.getSocketFactory(); } catch (KeyManagementException e) { logger.debug(exiting + methodName); throw new IOException("Unable to initialize the SSL context.", e); } catch (NoSuchAlgorithmException e) { logger.debug(exiting + methodName); throw new IOException( "Problems creating SSL socket. Usually this is " + "referring to the certificate sent by the server not being trusted by the client.", e); } catch (UnrecoverableKeyException e) { logger.debug(exiting + methodName); throw new IOException("Unable to load keystore. " + keyStoreLoc, e); } catch (KeyStoreException e) { logger.debug(exiting + methodName); throw new IOException("Unable to read keystore. " + keyStoreLoc, e); } }
From source file:com.fatwire.dta.sscrawler.EasyX509TrustManager.java
/** * Constructor for EasyX509TrustManager. *///from ww w. ja v a 2 s. com public EasyX509TrustManager(final KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { super(); final TrustManagerFactory factory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); factory.init(keystore); final TrustManager[] trustmanagers = factory.getTrustManagers(); if (trustmanagers.length == 0) { throw new NoSuchAlgorithmException("no trust manager found"); } standardTrustManager = (X509TrustManager) trustmanagers[0]; }
From source file:org.devproof.portal.core.module.common.util.httpclient.ssl.EasyX509TrustManager.java
/** * Constructor for EasyX509TrustManager. *///from ww w.j a v a 2s .com public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { super(); TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); factory.init(keystore); TrustManager[] trustmanagers = factory.getTrustManagers(); if (trustmanagers.length == 0) { throw new NoSuchAlgorithmException("no trust manager found"); } standardTrustManager = (X509TrustManager) trustmanagers[0]; }
From source file:org.jivesoftware.sparkimpl.updater.EasyX509TrustManager.java
public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { super();/*from w ww . jav a 2s . co m*/ TrustManagerFactory factory = TrustManagerFactory.getInstance("SunX509"); factory.init(keystore); TrustManager[] trustmanagers = factory.getTrustManagers(); if (trustmanagers.length == 0) { throw new NoSuchAlgorithmException("SunX509 trust manager not supported"); } this.standardTrustManager = (X509TrustManager) trustmanagers[0]; }
From source file:com.silverpeas.util.security.SilverpeasX509TrustManager.java
public SilverpeasX509TrustManager(String trustStoreFile, char[] password) { InputStream fis = null;//from ww w . jav a 2 s.c om try { KeyStore trustore = KeyStore.getInstance(KeyStore.getDefaultType()); fis = new FileInputStream(trustStoreFile); trustore.load(fis, password); TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); tmf.init(trustore); TrustManager tms[] = tmf.getTrustManagers(); for (TrustManager trustManager : tms) { if (trustManager instanceof X509TrustManager) { defaultTrustManager = (X509TrustManager) trustManager; return; } } } catch (IOException ioex) { logger.error("Couldn't load trustore " + trustStoreFile, ioex); } catch (GeneralSecurityException secEx) { logger.error("Couldn't create trustore " + trustStoreFile, secEx); } finally { IOUtils.closeQuietly(fis); } }
From source file:com.thoughtworks.go.security.AuthSSLX509TrustManagerFactory.java
private TrustManager[] setStoreOnTrustManagers(KeyStore keystore) throws KeyStoreException, NoSuchAlgorithmException { if (keystore == null) { throw new IllegalArgumentException("Keystore may not be null"); }//from w ww. ja v a 2 s . c o m LOG.trace("Initializing trust manager"); TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmfactory.init(keystore); return selfSignedX509WrappedTrustManagers(keystore, tmfactory); }