Example usage for javax.net.ssl X509TrustManager X509TrustManager

List of usage examples for javax.net.ssl X509TrustManager X509TrustManager

Introduction

In this page you can find the example usage for javax.net.ssl X509TrustManager X509TrustManager.

Prototype

X509TrustManager

Source Link

Usage

From source file:org.vsearchd.crawler.backend.BackendSessionHTTPS.java

protected TrustManager[] getTrustManager() {
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }/*from w  w  w.  ja v  a  2 s .  c  om*/

        @SuppressWarnings("unused")
        public boolean isServerTrusted(java.security.cert.X509Certificate[] certs) {
            return true;
        }

        @SuppressWarnings("unused")
        public boolean isClientTrusted(java.security.cert.X509Certificate[] certs) {
            return true;
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
    } };
    return trustAllCerts;
}

From source file:com.betaplay.sdk.http.HttpClient.java

/**
 * solving problems with ssl/* w  w w.j a v  a  2  s  .c  o m*/
 * 
 * @param client
 * @return
 */
private DefaultHttpClient sslClient(org.apache.http.client.HttpClient client) {
    try {
        X509TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { tm }, null);
        SSLSocketFactory ssf = new CustomSSLSocketFactory(ctx);
        ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        ClientConnectionManager ccm = client.getConnectionManager();
        SchemeRegistry sr = ccm.getSchemeRegistry();
        sr.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        sr.register(new Scheme("https", ssf, 443));
        return new DefaultHttpClient(ccm, client.getParams());
    } catch (Exception ex) {
        return null;
    }
}

From source file:se.simonsoft.cms.testing.svn.SvnTestSetup.java

/**
 * @return Mocked TrustManager that ignores cert's.
 */// w  ww.ja v a 2  s  .c  o  m

private TrustManager getIgnoringTrustManager() {
    return new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    };
}

From source file:edu.indiana.d2i.registryext.RegistryExtAgent.java

private boolean disableSSL() {
    // Create empty HostnameVerifier
    HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
            return true;
        }/* w w w.j a v  a 2s .  c  o  m*/
    };

    // Create a trust manager that does not validate certificate chains
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
    } };

    // install all-trust manager
    try {
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        SSLSocketFactory sslSocketFactory = sc.getSocketFactory();
        HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
        HttpsURLConnection.setDefaultHostnameVerifier(hv);
        return true;
    } catch (NoSuchAlgorithmException e) {
        logger.error(e.getMessage(), e);
        return false;
    } catch (KeyManagementException e) {
        logger.error(e.getMessage(), e);
        return false;
    }
}

From source file:org.apache.syncope.core.provisioning.java.ConnIdBundleManagerImpl.java

private void initRemote(final URI location) {
    // 1. Extract conf params for remote connection from given URI
    String host = location.getHost();
    int port = location.getPort();
    GuardedString key = new GuardedString(location.getUserInfo().toCharArray());
    boolean useSSL = location.getScheme().equals("connids");

    List<TrustManager> trustManagers = new ArrayList<>();
    String[] params = StringUtils.isBlank(location.getQuery()) ? null : location.getQuery().split("&");
    if (params != null && params.length > 0) {
        final String[] trustAllCerts = params[0].split("=");
        if (trustAllCerts != null && trustAllCerts.length > 1
                && "trustAllCerts".equalsIgnoreCase(trustAllCerts[0])
                && "true".equalsIgnoreCase(trustAllCerts[1])) {

            trustManagers.add(new X509TrustManager() {

                @Override//from  w  w  w .ja  v a  2  s.  co  m
                public void checkClientTrusted(final X509Certificate[] chain, final String authType)
                        throws CertificateException {
                    // no checks, trust all
                }

                @Override
                public void checkServerTrusted(final X509Certificate[] chain, final String authType)
                        throws CertificateException {
                    // no checks, trust all
                }

                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            });
        }
    }

    LOG.debug(
            "Configuring remote connector server:" + "\n\tHost: {}" + "\n\tPort: {}" + "\n\tKey: {}"
                    + "\n\tUseSSL: {}" + "\n\tTrustAllCerts: {}",
            host, port, key, useSSL, !trustManagers.isEmpty());

    RemoteFrameworkConnectionInfo info = new RemoteFrameworkConnectionInfo(host, port, key, useSSL,
            trustManagers, 60 * 1000);
    LOG.debug("Remote connection info: {}", info);

    // 2. Get connector info manager
    ConnectorInfoManager manager = ConnectorInfoManagerFactory.getInstance().getRemoteManager(info);
    if (manager == null) {
        throw new NotFoundException("Remote ConnectorInfoManager");
    }

    connInfoManagers.put(location, manager);
}

From source file:test.TestFinal.java

public static JerseyClient getJerseyClient(boolean isSSL) {
    ClientBuilder clientBuilder = JerseyClientBuilder.newBuilder().register(MultiPartFeature.class);

    // Create a secure JerseyClient
    if (isSSL) {/*  www  .  j av a  2  s  .  c  om*/
        try {
            HostnameVerifier verifier = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            };

            TrustManager[] tm = new TrustManager[] { new X509TrustManager() {

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                public void checkServerTrusted(X509Certificate[] chain, String authType)
                        throws CertificateException {
                }

                public void checkClientTrusted(X509Certificate[] chain, String authType)
                        throws CertificateException {
                }
            } };

            SSLContext sslContext = sslContext = SSLContext.getInstance("SSL");

            sslContext.init(null, tm, new SecureRandom());

            clientBuilder.sslContext(sslContext).hostnameVerifier(verifier);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
    }

    return (JerseyClient) clientBuilder.build().register(JacksonJsonProvider.class);
}

From source file:com.diversityarrays.dalclient.DalUtil.java

/**
 * Create an SSLContext which will trust all certificates (i.e. it does not validate
 * any certificate chains)./* w  ww . j a v a2 s .com*/
 * @return an SSLContext
 */
static public SSLContext createTrustingSSLContext() {
    // Create a trust manager that does not validate certificate chains
    final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        @Override
        public void checkClientTrusted(final X509Certificate[] chain, final String authType) {
        }

        @Override
        public void checkServerTrusted(final X509Certificate[] chain, final String authType) {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    } };

    try {
        final SSLContext sslContext = SSLContext.getInstance("SSL"); //$NON-NLS-1$

        // Install the all-trusting trust manager
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

        return sslContext;
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    } catch (KeyManagementException e) {
        throw new RuntimeException(e);
    }
}

From source file:org.wso2.carbon.identity.application.authentication.endpoint.util.TenantMgtAdminServiceClient.java

/**
 * Create basic SSL connection factory//  ww w . j a  v  a2 s  . com
 *
 * @throws AuthenticationException
 */
public static void initMutualSSLConnection(boolean hostNameVerificationEnabled) throws AuthenticationException {

    try {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(keyManagerType);
        keyManagerFactory.init(keyStore, keyStorePassword);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(trustManagerType);
        trustManagerFactory.init(trustStore);

        // Create and initialize SSLContext for HTTPS communication
        SSLContext sslContext = SSLContext.getInstance(protocol);

        if (hostNameVerificationEnabled) {
            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            sslSocketFactory = sslContext.getSocketFactory();

            if (log.isDebugEnabled()) {
                log.debug("Mutual SSL Client initialized with Hostname Verification enabled");
            }
        } else {
            // All the code below is to overcome host name verification failure we get in certificate
            // validation due to self signed certificate.

            // Create empty HostnameVerifier
            HostnameVerifier hv = new HostnameVerifier() {
                @Override
                public boolean verify(String urlHostName, SSLSession session) {
                    return true;
                }
            };

            // Create a trust manager that does not validate certificate chains
            TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
                @Override
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return new java.security.cert.X509Certificate[0];
                }

                @Override
                public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                    /*
                         skipped implementation
                    */
                }

                @Override
                public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                    /*
                         skipped implementation
                     */
                }
            } };

            sslContext.init(keyManagerFactory.getKeyManagers(), trustAllCerts,
                    new java.security.SecureRandom());

            if (log.isDebugEnabled()) {
                log.debug("SSL Context is initialized with trust manager for excluding certificate validation");
            }
            SSLContext.setDefault(sslContext);
            sslSocketFactory = sslContext.getSocketFactory();
            HttpsURLConnection.setDefaultHostnameVerifier(hv);

            if (log.isDebugEnabled()) {
                log.debug("Mutual SSL Client initialized with Hostname Verification disabled");
            }
        }
    } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException
            | KeyManagementException e) {
        throw new AuthenticationException("Error while trying to load Trust Store.", e);
    }
}

From source file:com.athena.peacock.controller.common.component.RHEVMRestTemplate.java

/**
 * <pre>/*w w  w.ja v a 2s .com*/
 *  ? ??   HTTPS   HandShake Exception ? ??  Exception? ? ?
 * RHEV Manager(host) ? SSL ??  ?   ? ?? ?.
 * </pre>
 * @throws Exception
 */
public void init() throws Exception {
    // http://javaresolutions.blogspot.kr/2014/07/javaxnetsslsslprotocolexception.html
    // -Djsse.enableSNIExtension=false
    // System.setProperty("jsse.enableSNIExtension", "false");

    System.setProperty("jsse.enableSNIExtension", "false");

    // Create a hostname verifier that does not validate hostname
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            /*
            if (hostname.equals(host)) {
            return true;
            }
                    
            return false;
            */
            return true;
        }
    });

    // Create a trust manager that does not validate certificate chains
    // Refer to https://code.google.com/p/misc-utils/wiki/JavaHttpsUrl
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // nothing to do.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // nothing to do.
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    } };

    try {
        // Install the all-trusting trust manager
        SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

        HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
    } catch (KeyManagementException e) {
        logger.error("KeyManagementException has occurred.", e);
    } catch (NoSuchAlgorithmException e) {
        logger.error("NoSuchAlgorithmException has occurred.", e);
    }
}

From source file:com.googlesource.gerrit.plugins.its.rtc.network.RTCClient.java

private void setSSLTrustStrategy(boolean sslVerify) throws IOException {
    try {//from w  w w  .j  a va  2 s.c  o  m
        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        } };
        SSLContext sc;

        if (sslVerify) {
            sc = SSLContext.getDefault();
        } else {
            sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new SecureRandom());
        }

        SSLSocketFactory sf = new SSLSocketFactory(sc);
        sf.setHostnameVerifier(new AllowAllHostnameVerifier());
        SchemeRegistry schemeRegistry = httpclient.getConnectionManager().getSchemeRegistry();
        schemeRegistry.register(new Scheme("https", sf, 443));
    } catch (Exception any) {
        throw new IOException(any);
    }
}