List of usage examples for org.apache.http.conn.ssl SSLSocketFactory ALLOW_ALL_HOSTNAME_VERIFIER
X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER
To view the source code for org.apache.http.conn.ssl SSLSocketFactory ALLOW_ALL_HOSTNAME_VERIFIER.
Click Source Link
From source file:com.infinities.skyport.openstack.nova.os.SkyportNovaMethod.java
@Override protected @Nonnull HttpClient getClient() throws CloudException, InternalException { ProviderContext ctx = provider.getContext(); if (ctx == null) { throw new InternalException("No context was defined for this request"); }/*from w w w .j av a 2s . c o m*/ String endpoint = ctx.getCloud().getEndpoint(); if (endpoint == null) { throw new InternalException("No cloud endpoint was defined"); } boolean ssl = endpoint.startsWith("https"); HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); // noinspection deprecation HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); HttpProtocolParams.setUserAgent(params, ""); Properties p = ctx.getCustomProperties(); if (p != null) { String proxyHost = p.getProperty("proxyHost"); String proxyPort = p.getProperty("proxyPort"); if (proxyHost != null) { int port = 0; if (proxyPort != null && proxyPort.length() > 0) { port = Integer.parseInt(proxyPort); } params.setParameter(ConnRoutePNames.DEFAULT_PROXY, new HttpHost(proxyHost, port, ssl ? "https" : "http")); } } DefaultHttpClient client = new DefaultHttpClient(params); if (provider.isInsecure()) { try { client.getConnectionManager().getSchemeRegistry() .register(new Scheme("https", 443, new SSLSocketFactory(new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { return true; } }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER))); } catch (Throwable t) { t.printStackTrace(); } } return client; }
From source file:org.hyperledger.fabric_ca.sdk.HFCAClient.java
private void setUpSSL() throws InvalidArgumentException { if (cryptoPrimitives == null) { try {/*from w w w . ja va 2 s . c om*/ cryptoPrimitives = new CryptoPrimitives(); cryptoPrimitives.init(); } catch (Exception e) { throw new InvalidArgumentException(e); } } if (isSSL && null == registry) { if (!properties.containsKey("pemBytes") && !properties.containsKey("pemFile")) { logger.warn("SSL with no CA certficates in either pemBytes or pemFile"); } try { if (properties.containsKey("pemBytes")) { byte[] permbytes = (byte[]) properties.get("pemBytes"); try (BufferedInputStream bis = new BufferedInputStream(new ByteArrayInputStream(permbytes))) { cryptoPrimitives.addCACertificatesToTrustStore(bis); } } if (properties.containsKey("pemFile")) { String pemFile = properties.getProperty("pemFile"); if (pemFile != null) { String[] pems = pemFile.split("[ \t]*,[ \t]*"); for (String pem : pems) { if (null != pem && !pem.isEmpty()) { try { try (BufferedInputStream bis = new BufferedInputStream( new ByteArrayInputStream(Files.readAllBytes(Paths.get(pem))))) { cryptoPrimitives.addCACertificatesToTrustStore(bis); } } catch (IOException e) { throw new InvalidArgumentException( format("Unable to add CA certificate, can't open certificate file %s", new File(pem).getAbsolutePath())); } } } } } SSLContext sslContext = SSLContexts.custom() .loadTrustMaterial(cryptoPrimitives.getTrustStore(), null).build(); ConnectionSocketFactory sf; if (null != properties && "true".equals(properties.getProperty("allowAllHostNames"))) { AllHostsSSLSocketFactory msf = new AllHostsSSLSocketFactory(cryptoPrimitives.getTrustStore()); msf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); sf = msf; } else { sf = new SSLConnectionSocketFactory(sslContext); } registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sf) .register("http", new PlainConnectionSocketFactory()).build(); } catch (Exception e) { logger.error(e); throw new InvalidArgumentException(e); } } }
From source file:com.gft.unity.android.AndroidIO.java
public void createHttpClients() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, KeyManagementException, UnrecoverableKeyException { SSLSocketFactory socketFactory; SchemeRegistry registry = new SchemeRegistry(); LOG.LogDebug(Module.PLATFORM, "Certificate Validation Enabled = " + this.Validatecertificates()); if (this.Validatecertificates()) { HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; // Set verifier HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier); /******************************** * USING DEFAULT ANDROID DEVICE SSLSocketFactory * the default factory was throwing errors verifying ssl certificates chains for some specific CA Authorities * (for example, Verisign root ceritificate G5 is not available on android devices <=2.3) * See more details on jira ticket [MOBPLAT-63] ******************************** SSLSocketFactory socketFactory = SSLSocketFactory .getSocketFactory();/*from ww w .jav a2 s . c om*/ socketFactory .setHostnameVerifier((X509HostnameVerifier) hostnameVerifier); */ /* /******************************** * USING VALIDATING SSLSocketFactory - Validating certificates per demand * See more details on jira ticket [MOBPLAT-63] ******************************** */ KeyStore trustStore; if (Build.VERSION.SDK_INT >= 14) { trustStore = KeyStore.getInstance("AndroidCAStore"); trustStore.load(null, null); } else { try { trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); ; String filename = "/system/etc/security/cacerts.bks".replace('/', File.separatorChar); FileInputStream is = new FileInputStream(filename); trustStore.load(is, "changeit".toCharArray()); is.close(); } catch (Exception ex) { try { /* /******************************** * HTC 2.3.5 Access Keystore problem * See more details on jira ticket [MOBPLAT-91] ******************************** */ trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); String filename = "/system/etc/security/cacerts.bks".replace('/', File.separatorChar); FileInputStream is = new FileInputStream(filename); trustStore.load(is, null); is.close(); } catch (Exception e) { trustStore = null; LOG.Log(Module.PLATFORM, "A problem has been detected while accessing the device keystore.", e); } } } socketFactory = ValidatingSSLSocketFactory.GetInstance(trustStore); socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier); LOG.LogDebug(Module.PLATFORM, "Using ValidatingSSLSocketFactory (custom socket Factory)"); } else { /* * ******************************* * USING CUSTOM SSLSocketFactory - accept all certificates * See more details on jira ticket [MOBPLAT-63] ******************************** */ KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); socketFactory = new MySSLSocketFactory(trustStore); LOG.LogDebug(Module.PLATFORM, "Using MySSLSocketFactory (custom socket factory - accepting all certificates)"); } registry.register(new Scheme("https", socketFactory, 443)); registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); ThreadSafeClientConnManager mgr = new ThreadSafeClientConnManager(new DefaultHttpClient().getParams(), registry); httpSSLClient = new DefaultHttpClient(mgr, new DefaultHttpClient().getParams()); // [MOBPLAT-200] : allow gzip, deflate decompression modes httpSSLClient.addResponseInterceptor(new GzipHttpResponseInterceptor()); LOG.LogDebug(Module.PLATFORM, "httpSSLClient stored for next HTTPS access"); }
From source file:org.opendedup.sdfs.filestore.cloud.BatchAwsS3ChunkStore.java
@Override public boolean checkAccess(String username, String password, Properties props) throws Exception { BasicAWSCredentials _cred = new BasicAWSCredentials(username, password); if (props.containsKey("default-bucket-location")) { bucketLocation = RegionUtils.getRegion(props.getProperty("default-bucket-location")); }/*w w w. j av a 2 s . co m*/ ClientConfiguration clientConfig = new ClientConfiguration(); clientConfig.setMaxConnections(Main.dseIOThreads * 2); clientConfig.setConnectionTimeout(10000); clientConfig.setSocketTimeout(10000); String s3Target = null; if (props.containsKey("s3-target")) { s3Target = props.getProperty("s3-target"); } if (props.containsKey("proxy-host")) { clientConfig.setProxyHost(props.getProperty("proxy-host")); } if (props.containsKey("proxy-domain")) { clientConfig.setProxyDomain(props.getProperty("proxy-domain")); } if (props.containsKey("proxy-password")) { clientConfig.setProxyPassword(props.getProperty("proxy-password")); } if (props.containsKey("proxy-port")) { clientConfig.setProxyPort(Integer.parseInt(props.getProperty("proxy-port"))); } if (props.containsKey("proxy-username")) { clientConfig.setProxyUsername(props.getProperty("proxy-username")); } s3Service = new AmazonS3Client(_cred, clientConfig); if (s3Target != null) { TrustStrategy acceptingTrustStrategy = new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] certificate, String authType) { return true; } }; SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); clientConfig.getApacheHttpClientConfig().withSslSocketFactory(sf); s3Service.setEndpoint(s3Target); } s3Service.listBuckets(); return true; }
From source file:org.wso2.carbon.appmgt.impl.utils.AppManagerUtil.java
/** * Return a http client instance/*ww w .jav a 2 s . co m*/ * * @param port - server port * @param protocol - service endpoint protocol http/https * @return */ public static HttpClient getHttpClient(int port, String protocol) { SchemeRegistry registry = new SchemeRegistry(); SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory(); String ignoreHostnameVerification = System.getProperty("org.wso2.ignoreHostnameVerification"); if (ignoreHostnameVerification != null && "true".equalsIgnoreCase(ignoreHostnameVerification)) { X509HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; socketFactory.setHostnameVerifier(hostnameVerifier); } if (AppMConstants.HTTPS_PROTOCOL.equalsIgnoreCase(protocol)) { if (port >= 0) { registry.register(new Scheme(AppMConstants.HTTPS_PROTOCOL, port, socketFactory)); } else { registry.register(new Scheme(AppMConstants.HTTPS_PROTOCOL, 443, socketFactory)); } } else if (AppMConstants.HTTP_PROTOCOL.equalsIgnoreCase(protocol)) { if (port >= 0) { registry.register( new Scheme(AppMConstants.HTTP_PROTOCOL, port, PlainSocketFactory.getSocketFactory())); } else { registry.register( new Scheme(AppMConstants.HTTP_PROTOCOL, 80, PlainSocketFactory.getSocketFactory())); } } HttpParams params = new BasicHttpParams(); ThreadSafeClientConnManager tcm = new ThreadSafeClientConnManager(registry); return new DefaultHttpClient(tcm, params); }
From source file:org.wso2.carbon.apimgt.impl.utils.APIUtil.java
/** * Return a http client instance// w w w . j ava 2 s . c om * * @param port - server port * @param protocol- service endpoint protocol http/https * @return */ public static HttpClient getHttpClient(int port, String protocol) { SchemeRegistry registry = new SchemeRegistry(); SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory(); String ignoreHostnameVerification = System.getProperty("org.wso2.ignoreHostnameVerification"); if (ignoreHostnameVerification != null && "true".equalsIgnoreCase(ignoreHostnameVerification)) { X509HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; socketFactory.setHostnameVerifier(hostnameVerifier); } if (APIConstants.HTTPS_PROTOCOL.equals(protocol)) { if (port >= 0) { registry.register(new Scheme(APIConstants.HTTPS_PROTOCOL, port, socketFactory)); } else { registry.register(new Scheme(APIConstants.HTTPS_PROTOCOL, 443, socketFactory)); } } else if (APIConstants.HTTP_PROTOCOL.equals(protocol)) { if (port >= 0) { registry.register( new Scheme(APIConstants.HTTP_PROTOCOL, port, PlainSocketFactory.getSocketFactory())); } else { registry.register( new Scheme(APIConstants.HTTP_PROTOCOL, 80, PlainSocketFactory.getSocketFactory())); } } HttpParams params = new BasicHttpParams(); ThreadSafeClientConnManager tcm = new ThreadSafeClientConnManager(registry); return new DefaultHttpClient(tcm, params); }
From source file:org.bigmouth.nvwa.network.http.HttpClientHelper.java
@SuppressWarnings("deprecation") private static HttpClient getHttpClient(File keystore, char[] pwd, ClientConnectionManager ccm, int port, int timeout) throws Exception { SchemeRegistry sr = ccm.getSchemeRegistry(); KeyStore truststore = KeyStore.getInstance(KeyStore.getDefaultType()); truststore.load(new FileInputStream(keystore), pwd); SSLSocketFactory socketFactory = new SSLSocketFactory(truststore); socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); sr.register(new Scheme("https", port, socketFactory)); HttpClient httpClient = new DefaultHttpClient(ccm); httpClient.getParams().setParameter(CoreConnectionPNames.SO_KEEPALIVE, true); httpClient.getParams().setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout); httpClient.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, timeout); return httpClient; }
From source file:org.bigmouth.nvwa.network.http.HttpClientHelper.java
private static HttpClient getHttpClient(SSLContext ctx, ClientConnectionManager ccm, int port, int timeout) { SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(//from w w w . j av a 2 s . c o m new Scheme("https", port, new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER))); HttpClient httpClient = new DefaultHttpClient(ccm); httpClient.getParams().setParameter(CoreConnectionPNames.SO_KEEPALIVE, true); httpClient.getParams().setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout); httpClient.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, timeout); return httpClient; }
From source file:org.cloudifysource.restclient.RestClient.java
/** * Returns a HTTP client configured to use SSL. * /*from w w w . j a v a 2s . c o m*/ * @param url * * @return HTTP client configured to use SSL * @throws org.cloudifysource.restclient.exceptions.RestClientException * Reporting different failures while creating the HTTP client */ private DefaultHttpClient getSSLHttpClient(final URL url) throws RestClientException { try { final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); // TODO : support self-signed certs if configured by user upon "connect" trustStore.load(null, null); final SSLSocketFactory sf = new RestSSLSocketFactory(trustStore); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); final HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); final SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme(HTTPS, sf, url.getPort())); final ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry); return new DefaultHttpClient(ccm, params); } catch (final Exception e) { throw new RestClientException(FAILED_CREATING_CLIENT, "Failed creating http client", ExceptionUtils.getFullStackTrace(e)); } }