Example usage for javax.net.ssl TrustManagerFactory getInstance

List of usage examples for javax.net.ssl TrustManagerFactory getInstance

Introduction

This page collects usage examples for javax.net.ssl.TrustManagerFactory.getInstance.

Prototype

public static final TrustManagerFactory getInstance(String algorithm) throws NoSuchAlgorithmException 


Document

Returns a TrustManagerFactory object that acts as a factory for trust managers.

Usage

From source file:io.specto.hoverfly.junit.HoverflyRuleUtils.java

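/**
 * Installs a JVM-wide default {@link SSLContext} whose trust anchors come only from the
 * {@code hoverfly.jks} classpath resource.
 *
 * <p>Security note: {@link SSLContext#setDefault} replaces the process-wide default, so every
 * connection that relies on the default context afterwards validates its peer against this
 * store alone rather than the platform CA bundle.
 * NOTE(review): the enclosing class sits in a junit package, so this is presumably test-only;
 * confirm it cannot be reached from production code.
 *
 * @throws KeyStoreException if the default key store type is unavailable or the factory cannot
 *         be initialised from the store
 * @throws CertificateException if a certificate in the store cannot be loaded
 * @throws NoSuchAlgorithmException if the trust algorithm or the TLS context is unavailable
 * @throws IOException if the resource cannot be opened, read or closed
 * @throws KeyManagementException if the SSL context cannot be initialised
 * @throws URISyntaxException declared for the classpath lookup
 */
static void setHoverflyTrustStore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException,
        IOException, KeyManagementException, URISyntaxException {
    // Create the store first so a failure here cannot leave an open stream behind.
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());

    // The store password only guards the integrity of the bundled trust store; it is a literal
    // checked in next to the resource it opens.
    InputStream trustStream = findResourceOnClasspath("hoverfly.jks").toURL().openStream();
    try {
        trustStore.load(trustStream, "hoverfly".toCharArray());
    } finally {
        // The stream was never closed before; release it whether or not the load succeeded.
        trustStream.close();
    }

    // Build trust managers backed by the loaded store.
    TrustManagerFactory trustFactory = TrustManagerFactory
            .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustFactory.init(trustStore);
    TrustManager[] trustManagers = trustFactory.getTrustManagers();

    // Request the "TLS" context rather than the legacy "SSL" name, which some providers map to
    // SSLv3-era protocol sets. No key managers: the client presents no certificate.
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, trustManagers, null);
    SSLContext.setDefault(sslContext);
}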

From source file:com.michael.openexercise.mc_network.volleydemo.ssl.EasySSLSocketFactory.java

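/**
 * Builds the {@link SSLContext} for a mutually authenticated TLS connection: key managers come
 * from the bundled PKCS12 client store, trust managers from the bundled BKS CA store.
 *
 * @return a TLS context initialised with both manager sets
 * @throws IOException if either store cannot be loaded or the context cannot be built; the
 *         underlying failure is attached as the cause
 */
private static SSLContext createEasySSLContext() throws IOException {
    try {
        // NOTE(review): both store pass-phrases are literals in this source (masked on this
        // page). A literal ships inside the packaged app, so it gives the bundled client key
        // no real protection; TODO confirm whether the key can be provisioned at runtime.
        char[] password = "XXXXXXXXXXXXX".toCharArray();

        // Client identity presented to the server during the handshake.
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream clientStream = VolleySampleApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_client);
        try {
            keyStore.load(clientStream, password);
        } finally {
            try {
                clientStream.close();
            } catch (IOException ignored) {
                // A failed close does not affect a store that has already been read.
            }
        }

        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // CA certificate(s) the client uses to validate the server's identity.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        InputStream instream = VolleySampleApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_ca);
        try {
            // A load failure must abort construction: swallowing it here would only surface
            // later as an unrelated "uninitialised key store" error.
            trustStore.load(instream, "XXXXXXXX".toCharArray());
        } finally {
            try {
                instream.close();
            } catch (IOException ignored) {
                // Same as above: nothing useful to do if close fails.
            }
        }

        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(trustStore);

        // Create an SSLContext that uses our TrustManager & Keystore
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);

        return context;
    } catch (Exception e) {
        // Keep the original exception as the cause so callers can see why TLS setup failed.
        throw new IOException(e.getMessage(), e);
    }
}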

From source file:com.longluo.volleydemo.ssl.EasySSLSocketFactory.java

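/**
 * Creates the TLS context used for client-certificate authentication.
 *
 * <p>The client key material is read from the bundled PKCS12 resource and the trusted CA
 * certificate(s) from the bundled BKS resource; both streams are closed before returning.
 *
 * @return a TLS context carrying the client key managers and the CA-backed trust managers
 * @throws IOException wrapping any failure to load a store or initialise the context, with
 *         the original exception preserved as the cause
 */
private static SSLContext createEasySSLContext() throws IOException {
    try {
        // NOTE(review): the pass-phrases below are source literals (masked on this page), so
        // anyone holding the packaged app also holds them. TODO confirm the client key is not
        // meant to stay confidential, or move it out of the bundle.
        char[] password = "XXXXXXXXXXXXX".toCharArray();

        // Client should authenticate itself with the valid certificate to
        // Server.
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream clientStream = VolleySampleApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_client);
        try {
            keyStore.load(clientStream, password);
        } finally {
            try {
                clientStream.close();
            } catch (IOException ignored) {
                // The store is already in memory; a close failure changes nothing.
            }
        }

        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // Client should also add the CA certificate obtained from server
        // and create TrustManager from it for the client to validate the
        // identity of the server.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        InputStream instream = VolleySampleApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_ca);
        try {
            // Let a failed load propagate instead of printing it and carrying on with a
            // store that was never initialised.
            trustStore.load(instream, "XXXXXXXX".toCharArray());
        } finally {
            try {
                instream.close();
            } catch (IOException ignored) {
                // Nothing to recover from here.
            }
        }

        TrustManagerFactory tmf = TrustManagerFactory
                .getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // Create an SSLContext that uses our TrustManager & Keystore
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);
        return context;
    } catch (Exception e) {
        // Chain the cause; a message-only IOException hides the stack trace of the real fault.
        throw new IOException(e.getMessage(), e);
    }
}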

From source file:jp.pigumer.mqtt.Client.java

/**
 * Derives trust managers from the key store supplied by {@code loadKeyStore()}.
 *
 * <p>The result is empty when no key store is available or when building the trust managers
 * fails; in the failure case the exception is logged at SEVERE and not rethrown.
 * NOTE(review): callers should treat an empty result as "do not connect" rather than fall
 * back to a context without these trust managers; verify against the call site.
 *
 * @return the trust managers backed by the loaded key store, or an empty Optional
 */
Optional<TrustManager[]> initTrustManagers() {
    return loadKeyStore().flatMap(store -> {
        try {
            // Registers the BouncyCastle provider on every call, before the factory lookup.
            Security.addProvider(new BouncyCastleProvider());
            String algorithm = TrustManagerFactory.getDefaultAlgorithm();
            TrustManagerFactory factory = TrustManagerFactory.getInstance(algorithm);
            factory.init(store);
            return Optional.ofNullable(factory.getTrustManagers());
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "failed load", e);
            return Optional.<TrustManager[]>empty();
        }
    });
}

From source file:inet.encode.SecureMonitor.java

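/**
 * Creates and starts the HTTPS monitor server on {@code MONITOR_SERVER_PORT}, with its TLS
 * context built from the JKS store at {@code Encoder.KEY_STORE_PATH}.
 *
 * <p>The same store feeds both the key managers (server identity) and the trust managers.
 * Any failure is passed to {@code Logger.log} and not rethrown, so the method can return with
 * the server not running.
 * NOTE(review): a failure after {@code HttpsServer.create} leaves the created server
 * unstarted; confirm callers check that the monitor actually came up.
 */
private static void createHttpsServer() {
    try {
        server = HttpsServer.create(new InetSocketAddress(MONITOR_SERVER_PORT), 0);

        SSLContext sslContext = SSLContext.getInstance("TLS");

        // initialise the keystore
        char[] password = Encoder.KEY_STORE_PASS_PHRASE.toCharArray();
        KeyStore ks = KeyStore.getInstance("JKS");
        FileInputStream fis = new FileInputStream(Encoder.KEY_STORE_PATH);
        try {
            ks.load(fis, password);
        } finally {
            // The stream was never closed before; release the file handle in every case.
            fis.close();
        }

        // setup the key manager factory
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, password);

        // setup the trust manager factory
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(ks);

        // setup the HTTPS context and parameters
        sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        server.setHttpsConfigurator(new HttpsConfigurator(sslContext));
        server.setExecutor(java.util.concurrent.Executors.newCachedThreadPool());
        server.start();
    } catch (Exception ex) {
        Logger.log(ex);
    }
}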

From source file:org.kuali.mobility.push.factory.iOSConnectionFactory.java

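/**
 * Opens a TLS socket to {@code host:port}, authenticating with the PKCS12 client certificate
 * at {@code certPath}, and completes the handshake before returning.
 *
 * <p>The server certificate is validated by the JVM's default trust managers: {@code null} is
 * passed as the trust-manager argument to {@link SSLContext#init}. The client-certificate
 * store is deliberately not used as a trust store.
 *
 * @return a connected socket whose handshake has completed
 * @throws Exception if the certificate cannot be loaded, the context cannot be built, or the
 *         connection or handshake fails
 */
@Override
public SSLSocket makeObject() throws Exception {
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    java.io.InputStream certStream = certPath.getInputStream();
    try {
        keyStore.load(certStream, certPassword.toCharArray());
    } finally {
        // The certificate stream was never closed before.
        certStream.close();
    }

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunx509");
    keyManagerFactory.init(keyStore, certPassword.toCharArray());

    // A TrustManagerFactory used to be initialised from the client key store here and then
    // discarded; it never took part in validation, so it is gone.
    SSLContext sslCtx = SSLContext.getInstance("TLS");
    sslCtx.init(keyManagerFactory.getKeyManagers(), null, null);

    SSLSocket socket = (SSLSocket) sslCtx.getSocketFactory().createSocket(host, port);
    // NOTE(review): a plain SSLSocket checks the certificate chain but does not compare the
    // certificate with `host` unless an endpoint identification algorithm is set on its
    // SSLParameters. TODO confirm host-name checking is done elsewhere or enable it here.
    try {
        socket.startHandshake();
    } catch (Exception e) {
        // Do not leak the connected socket when the handshake is rejected.
        try {
            socket.close();
        } catch (Exception ignored) {
            // The handshake failure is the error worth reporting.
        }
        throw e;
    }
    return socket;
}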

From source file:com.vmware.identity.openidconnect.client.OIDCClientUtils.java

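/**
 * Sends {@code httpRequest} over a connection whose server certificate is validated against
 * the certificates in {@code keyStore}.
 *
 * <p>The key store acts purely as a trust store: no key managers are installed, so the client
 * presents no certificate of its own.
 *
 * @param httpRequest the request to send; must not be null
 * @param keyStore the trust anchors used to validate the server; must not be null
 * @return the response returned by the {@code SSLContext}-based overload
 * @throws OIDCClientException propagated from the {@code SSLContext}-based overload
 * @throws SSLConnectionException if the TLS context cannot be built from {@code keyStore}
 */
static HttpResponse sendSecureRequest(HttpRequest httpRequest, KeyStore keyStore)
        throws OIDCClientException, SSLConnectionException {
    Validate.notNull(httpRequest, "httpRequest");
    Validate.notNull(keyStore, "keyStore");

    TrustManagerFactory trustManagerFactory;
    SSLContext sslContext;
    try {
        trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        // Ask for the "TLS" context: the legacy "SSL" name is provider-dependent and can
        // select an SSLv3-era protocol set on some JSSE implementations.
        sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
    } catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
        throw new SSLConnectionException("Failed to build SSL Context: " + e.getMessage(), e);
    }

    return sendSecureRequest(httpRequest, sslContext);
}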

From source file:org.openhealthtools.openatna.net.ConnectionCertificateHandler.java

/**
 * Creates trust managers from a trust store and wraps every X.509 trust manager in a
 * {@code LoggedX509TrustManager} bound to the given connection description.
 *
 * <p>Trust managers that are not {@link X509TrustManager} instances are returned unwrapped.
 *
 * @param keystore the trust store to build the managers from; must not be null
 * @param scd the connection description handed to each {@code LoggedX509TrustManager}
 * @return the trust managers produced by the default-algorithm factory, X.509 ones wrapped
 * @throws IllegalArgumentException if {@code keystore} is null
 * @throws KeyStoreException if the factory cannot be initialised from the store
 * @throws NoSuchAlgorithmException if the default trust algorithm is unavailable
 */
public static TrustManager[] createTrustManagers(final KeyStore keystore, SecureConnectionDescription scd)
        throws KeyStoreException, NoSuchAlgorithmException {
    if (null == keystore) {
        throw new IllegalArgumentException("Keystore may not be null");
    }
    log.debug("Initializing trust manager");

    final String algorithm = TrustManagerFactory.getDefaultAlgorithm();
    final TrustManagerFactory factory = TrustManagerFactory.getInstance(algorithm);
    factory.init(keystore);

    final TrustManager[] managers = factory.getTrustManagers();
    int slot = 0;
    for (TrustManager candidate : managers) {
        // Replace X.509 managers in place with the wrapping variant.
        if (candidate instanceof X509TrustManager) {
            managers[slot] = new LoggedX509TrustManager((X509TrustManager) candidate, scd);
        }
        slot++;
    }
    return managers;
}

From source file:org.kuali.mobility.push.factory.iOSFeedbackConnectionFactory.java

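/**
 * Creates a TLS socket to {@code host:port} that presents the PKCS12 client certificate found
 * at {@code certPath}; the handshake is completed before the socket is returned.
 *
 * <p>Server validation relies on the JVM default trust managers because the trust-manager
 * argument of {@link SSLContext#init} is {@code null}.
 *
 * @return the connected socket after a successful handshake
 * @throws Exception on any failure to load the certificate, build the context, connect, or
 *         complete the handshake
 */
@Override
public SSLSocket makeObject() throws Exception {
    char[] passphrase = certPassword.toCharArray();

    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    java.io.InputStream certStream = certPath.getInputStream();
    try {
        keyStore.load(certStream, passphrase);
    } finally {
        // Release the certificate stream, which used to be left open.
        certStream.close();
    }

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunx509");
    keyManagerFactory.init(keyStore, passphrase);

    // No TrustManagerFactory is built here: one initialised from the client key store was
    // never passed to init(), and the client's own certificate is not a trust anchor.
    SSLContext sslCtx = SSLContext.getInstance("TLS");
    sslCtx.init(keyManagerFactory.getKeyManagers(), null, null);

    SSLSocketFactory sslSocketFactory = sslCtx.getSocketFactory();
    SSLSocket socket = (SSLSocket) sslSocketFactory.createSocket(host, port);
    // NOTE(review): chain validation alone does not bind the certificate to `host`; a raw
    // SSLSocket needs an endpoint identification algorithm on its SSLParameters for that.
    // TODO confirm whether host-name verification is intended for this connection.
    try {
        socket.startHandshake();
    } catch (Exception e) {
        // Close the half-open connection before reporting the handshake failure.
        try {
            socket.close();
        } catch (Exception ignored) {
            // Keep the handshake exception as the one that propagates.
        }
        throw e;
    }
    return socket;
}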

From source file:org.apache.juddi.v3.client.cryptor.TransportSecurityHelper.java

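/**
 * Configures client-certificate TLS for a JAX-WS port from the standard
 * {@code javax.net.ssl.keyStore} / {@code javax.net.ssl.trustStore} system properties and
 * their password properties.
 *
 * <p>Side effects on success: the socket factory is stored in the port's request context under
 * both JAX-WS RI property names, and it also becomes the process-wide default for
 * {@link HttpsURLConnection}, which affects every other HTTPS caller in the JVM.
 *
 * @param webServicePort the port whose request context receives the socket factory
 * @return {@code true} if the TLS settings were applied; {@code false} if a property is
 *         missing, a store file does not exist, or any step fails (the reason is logged)
 */
public static boolean applyTransportSecurity(BindingProvider webServicePort) {
    try {
        File currentdir = new File(".");
        String s = System.getProperty("javax.net.ssl.keyStore");
        String st = System.getProperty("javax.net.ssl.trustStore");
        log.info("Attempting to initialize keystore and truststore from " + s + " " + st);
        if (s == null) {
            log.warn("keystore isn't defined! " + s);
            return false;
        }
        if (st == null) {
            // Report the truststore value; the keystore path used to be printed here.
            log.warn("truststore isn't defined! " + st);
            return false;
        }

        File keystore = new File(s);
        if (!keystore.exists()) {
            log.warn("keystore doesn't exist! input was " + s + " working dir is "
                    + currentdir.getAbsolutePath());
            return false;
        }
        String pwd = System.getProperty("javax.net.ssl.keyStorePassword");
        if (pwd == null) {
            log.warn("keystore password isn't defined!");
            return false;
        }

        File truststore = new File(st);
        if (!truststore.exists()) {
            // Report the truststore path; the keystore path used to be printed here.
            log.warn("truststore doesn't exist! input was " + st + " working dir is "
                    + currentdir.getAbsolutePath());
            return false;
        }
        String pwdt = System.getProperty("javax.net.ssl.trustStorePassword");
        if (pwdt == null) {
            log.warn("truststore password isn't defined!");
            return false;
        }

        try {
            log.info("Using keystore from " + keystore.getAbsolutePath() + " current dir is "
                    + currentdir.getAbsolutePath());
            log.info("Using truststore from " + truststore.getAbsolutePath() + " current dir is "
                    + currentdir.getAbsolutePath());

            // SSLv3 is obsolete and prohibited (RFC 7568); request the generic TLS context so
            // the provider negotiates the protocol versions it currently supports.
            SSLContext sc = SSLContext.getInstance("TLS");

            KeyManagerFactory kmf = KeyManagerFactory
                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
            FileInputStream keyIn = new FileInputStream(keystore);
            try {
                ks.load(keyIn, pwd.toCharArray());
            } finally {
                // This stream used to be created inline and never closed.
                keyIn.close();
            }
            kmf.init(ks, pwd.toCharArray());

            TrustManagerFactory tmFact = TrustManagerFactory
                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyStore kst = KeyStore.getInstance("jks");
            FileInputStream fis = new FileInputStream(st);
            try {
                kst.load(fis, pwdt.toCharArray());
            } finally {
                // Close on the failure path too, not only after a successful load.
                fis.close();
            }
            tmFact.init(kst);
            TrustManager[] tms = tmFact.getTrustManagers();

            // Hand the trust managers built from the configured truststore to the context.
            // Passing null here would make JSSE fall back to its default trust managers and
            // silently ignore the store loaded above.
            sc.init(kmf.getKeyManagers(), tms, null);

            // Process-wide default for HttpsURLConnection, plus the two JAX-WS RI property
            // names (JDK-internal and standalone) so either runtime picks the factory up.
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            webServicePort.getRequestContext().put(
                    "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory",
                    sc.getSocketFactory());
            webServicePort.getRequestContext().put(
                    "com.sun.xml.ws.transport.https.client.SSLSocketFactory", sc.getSocketFactory());
            return true;
        } catch (Exception ex) {
            log.warn("unable to establish ssl settings", ex);
        }
        return false;
    } catch (Exception x) {
        log.error("unexpected error", x);
    }
    return false;
}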