List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:org.apache.fineract.restwebservice.PlatformRestClient.java
/** * Skip SSL certificate verification/*from w w w . j av a 2s . c o m*/ */ private void skipSslCertificateVerification() { final TrustManager[] trustManager = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; try { // get the SSL context object SSLContext sslContext = SSLContext.getInstance("SSL"); // initialize the SSL context sslContext.init(null, trustManager, new SecureRandom()); // Set the default SSLSocketFactory HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); // Create all-trusting host name verifier HostnameVerifier hostnameVerifier = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier); } catch (Exception e) { } }
From source file:org.eclipse.lyo.oslc4j.bugzilla.utils.BugzillaHttpClient.java
private static SSLContext getTrustingSSLContext() { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }// w w w . jav a 2 s.c om public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); return sc; } catch (KeyManagementException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } return null; }
From source file:com.intuit.tank.okhttpclient.TankOkHttpClient.java
/** * no-arg constructor for OkHttp client//w w w . j av a 2s .com */ public TankOkHttpClient() { try { final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; // Setup SSL to accept all certs final SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, null); sslSocketFactory = sslContext.getSocketFactory(); // Setup Cookie manager cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ALL); CookieHandler.setDefault(cookieManager); okHttpClient.setCookieHandler(cookieManager); okHttpClient.setConnectTimeout(30000, TimeUnit.MILLISECONDS); okHttpClient.setReadTimeout(30000, TimeUnit.MILLISECONDS); // Socket-timeout okHttpClient.setFollowRedirects(true); okHttpClient.setFollowSslRedirects(true); okHttpClient.setSslSocketFactory(sslSocketFactory); okHttpClient.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); } catch (Exception e) { LOG.error("Error setting accept all: " + e, e); } }
From source file:com.jakarta.software.web.utils.EasySSLProtocolSocketFactory.java
public EasySSLProtocolSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }/*from w w w. ja v a 2 s . co m*/ public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[] { tm }, null); }
From source file:org.moca.net.ssl.SimpleSSLProtocolSocketFactory.java
private static SSLContext createEasySSLContext() { try {//from w w w .jav a2 s.c om SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }, null); return context; } catch (Exception e) { //LOG.error(e.getMessage(), e); throw new HttpClientError(e.toString()); } }
From source file:io.personium.test.jersey.HttpClientFactory.java
/** * SSLSocket?./*from ww w . j a v a 2s . c o m*/ * @return ???SSLSocket */ private static SSLSocketFactory createInsecureSSLSocketFactory() { // CHECKSTYLE:OFF SSLContext sslContext = null; try { sslContext = SSLContext.getInstance("SSL"); } catch (NoSuchAlgorithmException e1) { throw new RuntimeException(e1); } try { sslContext.init(null, new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { // System.out.println("getAcceptedIssuers ============="); X509Certificate[] ret = new X509Certificate[0]; return ret; } public void checkClientTrusted(final X509Certificate[] certs, final String authType) { // System.out.println("checkClientTrusted ============="); } public void checkServerTrusted(final X509Certificate[] certs, final String authType) { // System.out.println("checkServerTrusted ============="); } } }, new SecureRandom()); } catch (KeyManagementException e1) { throw new RuntimeException(e1); } // CHECKSTYLE:ON HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext, (X509HostnameVerifier) hostnameVerifier); // socketFactory.setHostnameVerifier((X509HostnameVerifier) // hostnameVerifier); return socketFactory; }
From source file:org.openhab.binding.ihc.ws.IhcConnectionPool.java
private void init() { // Create a local instance of cookie store cookieStore = new BasicCookieStore(); // Create local HTTP context localContext = HttpClientContext.create(); // Bind custom cookie store to the local context localContext.setCookieStore(cookieStore); httpClientBuilder = HttpClientBuilder.create(); // Setup a Trust Strategy that allows all certificates. logger.debug("Initialize SSL context"); // Create a trust manager that does not validate certificate chains, // but accept all. TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override/*from www .java2 s .co m*/ public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { logger.trace("Trusting server cert: " + certs[0].getIssuerDN()); } } }; // Install the all-trusting trust manager try { // Controller supports only SSLv3 and TLSv1 sslContext = SSLContext.getInstance("TLSv1"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); } catch (NoSuchAlgorithmException e) { logger.warn("Exception", e); } catch (KeyManagementException e) { logger.warn("Exception", e); } httpClientBuilder.setSslcontext(sslContext); // Controller accepts only HTTPS connections and because normally IP // address are used on home network rather than DNS names, create custom // host name verifier. HostnameVerifier hostnameVerifier = new HostnameVerifier() { @Override public boolean verify(String arg0, SSLSession arg1) { logger.trace("HostnameVerifier: arg0 = " + arg0); logger.trace("HostnameVerifier: arg1 = " + arg1); return true; } }; // Create an SSL Socket Factory, to use our weakened "trust strategy" SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, hostnameVerifier); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("https", sslSocketFactory).build(); // Create connection-manager using our Registry. Allows multi-threaded // use PoolingHttpClientConnectionManager connMngr = new PoolingHttpClientConnectionManager(socketFactoryRegistry); // Increase max connection counts connMngr.setMaxTotal(20); connMngr.setDefaultMaxPerRoute(6); httpClientBuilder.setConnectionManager(connMngr); }
From source file:com.fujitsu.dc.test.jersey.HttpClientFactory.java
/** * SSLSocket?./*from ww w .j a v a2s. c om*/ * @return ???SSLSocket */ private static SSLSocketFactory createInsecureSSLSocketFactory() { // CHECKSTYLE:OFF SSLContext sslContext = null; try { sslContext = SSLContext.getInstance("SSL"); } catch (NoSuchAlgorithmException e1) { throw new RuntimeException(e1); } try { sslContext.init(null, new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { // System.out.println("getAcceptedIssuers ============="); X509Certificate[] ret = new X509Certificate[0]; return ret; } public final void checkClientTrusted(final X509Certificate[] certs, final String authType) { // System.out.println("checkClientTrusted ============="); } public final void checkServerTrusted(final X509Certificate[] certs, final String authType) { // System.out.println("checkServerTrusted ============="); } } }, new SecureRandom()); } catch (KeyManagementException e1) { throw new RuntimeException(e1); } // CHECKSTYLE:ON HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext, (X509HostnameVerifier) hostnameVerifier); // socketFactory.setHostnameVerifier((X509HostnameVerifier) // hostnameVerifier); return socketFactory; }
From source file:org.ojbc.web.portal.services.SamlServiceImpl.java
Element retrieveAssertionFromShibboleth(HttpServletRequest request) throws Exception { // Note: pulled this straight from Andrew's demo JSP that displays the assertion and http request... /*// w w w . ja va 2s .c o m * fix for Exception in thread "main" javax.net.ssl.SSLHandshakeException: * sun.security.validator.ValidatorException: * PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: * unable to find valid certification path to requested target */ TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { @Override public boolean verify(String arg0, SSLSession arg1) { return true; // andrew had this as false...dont know how that would work... } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); /* * end of the fix */ //Hard coded to pick up a single assertion...could loop through assertion headers if there will be more than one String assertionHttpHeaderName = request.getHeader("Shib-Assertion-01"); LOG.info("Loading assertion from: " + assertionHttpHeaderName); if (assertionHttpHeaderName == null) { LOG.warn("Shib-Assertion-01 header was null, Returning null asssertion document element"); return null; } URL url = new URL(assertionHttpHeaderName); URLConnection con = url.openConnection(); InputStream is = con.getInputStream(); DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); DocumentBuilder db = dbf.newDocumentBuilder(); Document assertionDoc = db.parse(is); return assertionDoc.getDocumentElement(); }
From source file:com.app.mvc.http.ext.EasySSLProtocolSocketFactory.java
private static SSLContext createEasySSLContext() { try {/*www. ja v a2 s .c om*/ SSLContext context = SSLContext.getInstance("SSL"); context.init(null, new TrustManager[] { new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } } }, null); return context; } catch (Exception e) { log.error(e.getMessage(), e); throw new HttpClientError(e.toString()); } }