List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:com.rastating.droidbeard.net.TlsSocketFactory.java
@Override public Socket createSocket(Socket plainSocket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { // Create and connect SSL socket, but don't do hostname/certificate verification yet SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory .getDefault(0);// w ww . ja v a2 s. c o m // Setup custom trust manager if we are trusting all certificates if (mTrustAllCertificates) { TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslSocketFactory.setTrustManagers(new TrustManager[] { tm }); } SSLSocket ssl = (SSLSocket) sslSocketFactory.createSocket(InetAddress.getByName(host), port); // Enable TLSv1.1/1.2 if available // (see https://github.com/rfc2822/davdroid/issues/229) ssl.setEnabledProtocols(ssl.getSupportedProtocols()); SSLSession session = ssl.getSession(); // Verify hostname and certificate if we aren't trusting all certificates if (!mTrustAllCertificates) { if (!hostnameVerifier.verify(host, session)) throw new SSLPeerUnverifiedException("Cannot verify hostname: " + host); } Log.i("droidbeard", "Established " + session.getProtocol() + " connection with " + session.getPeerHost() + " using " + session.getCipherSuite()); return ssl; }
From source file:org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftAuthClient.java
public ThriftAuthClient(String serverIP, String remoteServerPort, String webContextRoot) throws AuthenticationException { try {// ww w . j a v a 2 s. c o m TrustManager easyTrustManager = new X509TrustManager() { public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) { } public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) { } public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; //skip host name verification SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] { easyTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslContext); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); //REGISTERS SCHEMES FOR BOTH HTTP AND HTTPS SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("https", sf, Integer.parseInt(remoteServerPort))); PoolingClientConnectionManager manager = new PoolingClientConnectionManager(registry); HttpClient httpClient = new DefaultHttpClient(manager); //If the webContextRoot is null or / if (webContextRoot == null || "/".equals(webContextRoot)) { //Assign it an empty value since it is part of the thriftServiceURL. webContextRoot = ""; } String thriftServiceURL = "https://" + serverIP + ':' + remoteServerPort + webContextRoot + '/' + "thriftAuthenticator"; client = new THttpClient(thriftServiceURL, httpClient); } catch (TTransportException e) { throw new AuthenticationException("Error in creating thrift authentication client..", e); } catch (Exception e) { throw new AuthenticationException("Error in creating thrift authentication client..", e); } }
From source file:com.alvexcore.share.ShareExtensionRegistry.java
@Override public void afterPropertiesSet() throws Exception { // disable SSL certs validation // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override/*from ww w . jav a 2s . c o m*/ public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); }
From source file:srl.distributed.client.InsecureSSLSocketFactory.java
public InsecureSSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }//from www. jav a2 s . c o m public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[] { tm }, null); }
From source file:com.produban.cloudfoundry.bosh.bosh_javaclient.BoshClientImpl.java
/** * This method sets up {@link HttpsURLConnection} so that no certificate or * hostname check is performed./* w w w .j a va 2 s .c o m*/ */ private void disableSSLChecks() { try { TrustManager trustAllCertificates = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // I do nothing because the way to say "OK" is not to throw // a CertificateException } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { // I do nothing because the way to say "OK" is not to throw // a CertificateException } }; TrustManager[] trustAllCertificatesArray = { trustAllCertificates }; SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCertificatesArray, new java.security.SecureRandom()); HostnameVerifier allHostsValid = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; // I always say 'OK' } }; HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); } catch (NoSuchAlgorithmException | KeyManagementException e) { throw new IllegalStateException("Something strange happened here", e); } }
From source file:com.lugia.timetable.SSLHttpClient.java
private static X509TrustManager createX509TrustManager() { return new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { }//from ww w . j a va 2 s .c om public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; }
From source file:org.rhq.plugins.www.util.WWWUtils.java
private static void disableCertificateVerification(HttpsURLConnection connection) { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[] {}; }//w ww .ja v a 2s .c om public void checkClientTrusted(X509Certificate[] certs, String authType) { return; } public void checkServerTrusted(X509Certificate[] certs, String authType) { return; } } }; try { SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); connection.setSSLSocketFactory(sslContext.getSocketFactory()); connection.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession sslSession) { return true; } }); } catch (Exception e) { Log log = LogFactory.getLog(WWWUtils.class); log.warn("Failed to disable certificate validation.", e); } }
From source file:com.vmware.photon.controller.model.adapters.vsphere.ovf.OvfRetriever.java
private static SSLContext newNaiveSslContext() { try {//from ww w .j av a 2 s. c o m SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(new KeyManager[] {}, new TrustManager[] { new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } } }, new SecureRandom()); return ctx; } catch (NoSuchAlgorithmException | KeyManagementException e) { throw new RuntimeException(e); } }
From source file:co.cask.cdap.gateway.router.NettyRouterHttpsTest.java
@Override protected DefaultHttpClient getHTTPClient() throws Exception { SSLContext sslContext = SSLContext.getInstance("SSL"); // set up a TrustManager that trusts everything sslContext.init(null, new TrustManager[] { new X509TrustManager() { @Override/*from w w w . ja v a2 s. c om*/ public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException { // } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException { // } } }, new SecureRandom()); SSLSocketFactory sf = new SSLSocketFactory(sslContext); Scheme httpsScheme = new Scheme("https", 10101, sf); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(httpsScheme); // apache HttpClient version >4.2 should use BasicClientConnectionManager ClientConnectionManager cm = new BasicClientConnectionManager(schemeRegistry); return new DefaultHttpClient(cm); }
From source file:io.personium.core.utils.HttpClientFactory.java
/** * SSLSocket?.// w ww. ja va 2s . c o m * @return ???SSLSocket */ private static SSLSocketFactory createInsecureSSLSocketFactory() { // CHECKSTYLE:OFF SSLContext sslContext = null; try { sslContext = SSLContext.getInstance("SSL"); } catch (NoSuchAlgorithmException e1) { throw new RuntimeException(e1); } try { sslContext.init(null, new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { // System.out.println("getAcceptedIssuers ============="); X509Certificate[] ret = new X509Certificate[0]; return ret; } public void checkClientTrusted(final X509Certificate[] certs, final String authType) { // System.out.println("checkClientTrusted ============="); } public void checkServerTrusted(final X509Certificate[] certs, final String authType) { // System.out.println("checkServerTrusted ============="); } } }, new SecureRandom()); } catch (KeyManagementException e1) { throw new RuntimeException(e1); } // CHECKSTYLE:ON HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext, (X509HostnameVerifier) hostnameVerifier); // socketFactory.setHostnameVerifier((X509HostnameVerifier) // hostnameVerifier); return socketFactory; }