List of usage examples for org.apache.http.conn.ssl SSLSocketFactory SSLSocketFactory
public SSLSocketFactory(final SSLContext sslContext)
From source file:org.datacleaner.util.SecurityUtils.java
/** * Removes the certificate checks of HTTPS traffic on a HTTP client. Use * with caution!/*from ww w .jav a 2 s . co m*/ * * @param httpClient * @throws IllegalStateException */ public static void removeSshCertificateChecks(HttpClient httpClient) throws IllegalStateException { try { // prepare a SSL context which doesn't validate certificates final SSLContext sslContext = SSLContext.getInstance("SSL"); final TrustManager trustManager = new NaiveTrustManager(); sslContext.init(null, new TrustManager[] { trustManager }, new SecureRandom()); final SSLSocketFactory schemeSocketFactory = new SSLSocketFactory(sslContext); final Scheme sslScheme = new Scheme("https", 443, schemeSocketFactory); // try again with a new registry final SchemeRegistry registry = httpClient.getConnectionManager().getSchemeRegistry(); registry.register(sslScheme); } catch (Exception e) { throw new IllegalStateException(e); } }
From source file:com.ibm.sbt.services.util.SSLUtil.java
public static DefaultHttpClient wrapHttpClient(DefaultHttpClient base) { try {// ww w . j av a 2 s . co m // Create and assign a dummy TrustManager SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(X509Certificate[] cert, String s) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] cert, String s) throws CertificateException { } }; ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx); // When Apache Client AllowAllHostnameVerifier is strict, this should be used // Stays here for reference X509HostnameVerifier verifier = new X509HostnameVerifier() { @Override public boolean verify(String s, SSLSession sslSession) { return true; } @Override public void verify(String s, SSLSocket sslSession) throws IOException { } @Override public void verify(String s, String[] ss1, String[] ss2) throws SSLException { } @Override public void verify(String s, X509Certificate cerst) throws SSLException { } }; ssf.setHostnameVerifier(verifier); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", ssf, 443)); return new DefaultHttpClient(ccm, base.getParams()); } catch (Exception ex) { ex.printStackTrace(); return null; } }
From source file:gov.nist.appvet.tool.synchtest.util.SSLWrapper.java
@SuppressWarnings("deprecation") public static HttpClient wrapClient(HttpClient base) { SSLContext ctx = null;//from ww w.j a va 2 s. c o m X509TrustManager tm = null; SSLSocketFactory ssf = null; SchemeRegistry sr = null; try { ctx = SSLContext.getInstance("TLSv1.2"); tm = new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); ssf = new SSLSocketFactory(ctx); ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); final ClientConnectionManager ccm = base.getConnectionManager(); sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); return new DefaultHttpClient(ccm, base.getParams()); } catch (final Exception e) { return null; } finally { sr = null; ssf = null; tm = null; ctx = null; } }
From source file:org.anhonesteffort.flock.registration.HttpClientFactory.java
public DefaultHttpClient buildClient() throws RegistrationApiException { try {/*w w w .ja va 2 s . com*/ AssetManager assetManager = context.getAssets(); InputStream keyStoreInputStream = assetManager.open("flock.store"); KeyStore trustStore = KeyStore.getInstance("BKS"); trustStore.load(keyStoreInputStream, "owsflock".toCharArray()); SSLSocketFactory appSSLSocketFactory = new SSLSocketFactory(trustStore); DefaultHttpClient client = new DefaultHttpClient(); SchemeRegistry schemeRegistry = client.getConnectionManager().getSchemeRegistry(); Scheme httpsScheme = new Scheme("https", appSSLSocketFactory, 443); schemeRegistry.register(httpsScheme); return client; } catch (Exception e) { Log.e(getClass().getName(), "caught exception while constructing HttpClient client", e); throw new RegistrationApiException( "caught exception while constructing HttpClient client: " + e.toString()); } }
From source file:gov.nist.appvet.servlet.shared.SSLWrapper.java
@SuppressWarnings("deprecation") public synchronized static HttpClient wrapClient(HttpClient base) { SSLContext ctx = null;/*from ww w . jav a 2s .c om*/ X509TrustManager tm = null; SSLSocketFactory ssf = null; SchemeRegistry sr = null; try { ctx = SSLContext.getInstance("TLSv1.2"); tm = new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); ssf = new SSLSocketFactory(ctx); ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); final ClientConnectionManager ccm = base.getConnectionManager(); sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); return new DefaultHttpClient(ccm, base.getParams()); } catch (final Exception e) { log.error(e.getMessage().toString()); return null; } finally { sr = null; ssf = null; tm = null; ctx = null; } }
From source file:org.globus.crux.security.ClientTest.java
/** * Test client with invalid credentials. * //ww w . ja v a2s .c om * @throws Exception * This should happen. */ @Test public void testInvalid() throws Exception { SSLConfigurator config = getConfig("classpath:/invalidkeystore.properties"); SSLSocketFactory fac = new SSLSocketFactory(config.getSSLContext()); fac.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); DefaultHttpClient httpclient = new DefaultHttpClient(); Scheme scheme = new Scheme("https", fac, getPort()); httpclient.getConnectionManager().getSchemeRegistry().register(scheme); HttpGet httpget = new HttpGet("https://localhost/"); System.out.println("executing request" + httpget.getRequestLine()); try { httpclient.execute(httpget); fail(); } catch (SSLPeerUnverifiedException ex) { // this better happen } }
From source file:okhttp3.benchmarks.ApacheHttpClient.java
@Override public void prepare(Benchmark benchmark) { super.prepare(benchmark); ClientConnectionManager connectionManager = new PoolingClientConnectionManager(); if (benchmark.tls) { SslClient sslClient = SslClient.localhost(); connectionManager.getSchemeRegistry() .register(new Scheme("https", 443, new SSLSocketFactory(sslClient.sslContext))); }// w w w .j ava2 s . c o m client = new DefaultHttpClient(connectionManager); }
From source file:com.squareup.okhttp.benchmarks.ApacheHttpClient.java
@Override public void prepare(Benchmark benchmark) { super.prepare(benchmark); ClientConnectionManager connectionManager = new PoolingClientConnectionManager(); if (benchmark.tls) { SSLContext sslContext = SslContextBuilder.localhost(); connectionManager.getSchemeRegistry() .register(new Scheme("https", 443, new SSLSocketFactory(sslContext))); }/*from w w w . j a v a2 s .c om*/ client = new DefaultHttpClient(connectionManager); }
From source file:com.lonepulse.travisjr.net.ZombieConfig.java
@Override public HttpClient httpClient() { HttpClient client = super.httpClient(); try {/*ww w .ja va2s .com*/ KeyStore keyStore = KeyStore.getInstance("BKS"); InputStream is = TravisJr.Application.getContext().getResources().openRawResource(R.raw.travisjr); try { keyStore.load(is, null); } finally { is.close(); } SSLSocketFactory sslSocketFactory = new SSLSocketFactory(keyStore); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); SchemeRegistry schemeRegistry = ((ThreadSafeClientConnManager) client.getConnectionManager()) .getSchemeRegistry(); schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); } catch (Exception e) { Log.e(getClass().getSimpleName(), "HttpClient configuration with a custom SSLSocketFactory failed.", e); } return client; }
From source file:com.wrmsr.neurosis.aws.client.WebClientDevWrapper.java
public static HttpClient wrapClient(HttpClient base) { try {// www .jav a 2 s . c om SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; X509HostnameVerifier verifier = new X509HostnameVerifier() { @Override public void verify(String string, SSLSocket ssls) throws IOException { } @Override public void verify(String string, X509Certificate xc) throws SSLException { } @Override public void verify(String string, String[] strings, String[] strings1) throws SSLException { } @Override public boolean verify(String string, SSLSession ssls) { return true; } }; ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx); ssf.setHostnameVerifier(verifier); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", ssf, 443)); return new DefaultHttpClient(ccm, base.getParams()); } catch (Exception ex) { ex.printStackTrace(); return null; } }