List of usage examples for org.apache.http.conn.ssl SSLSocketFactory SSLSocketFactory
public SSLSocketFactory(final javax.net.ssl.SSLSocketFactory socketfactory, final X509HostnameVerifier hostnameVerifier)
From source file:com.swisscom.refimpl.boundary.MIB2Client.java
@PostConstruct public void init() { try {/* ww w. j a v a 2 s .c o m*/ TrustSelfSignedStrategy trustStat = new TrustSelfSignedStrategy(); X509HostnameVerifier allHostsVerifier = new AllowAllHostnameVerifier(); // ProtocolSocketFactory socketFactory = // new EasySSLProtocolSocketFactory( ); // Protocol https = new Protocol( "https", socketFactory, 443); // Protocol.registerProtocol( "https", https ); SSLSocketFactory socketFactory; socketFactory = new SSLSocketFactory(trustStat, allHostsVerifier); Scheme sch = new Scheme("https", 443, socketFactory); httpClient.getConnectionManager().getSchemeRegistry().register(sch); } catch (Exception e) { new RuntimeException(e.getMessage()); } }
From source file:org.getcomposer.core.packagist.Downloader.java
private void registerSSLContext(HttpClient client) { try {//from www . j av a 2 s. c o m X509TrustManager tm = new ComposerTrustManager(); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = client.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); } catch (Exception e) { // TODO: handle exception } }
From source file:org.eclipse.lyo.testsuite.server.trsutils.EasySSLClient.java
private SSLSocketFactory getEasySSLSocketFactory() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException { TrustStrategy trustStrategy = new TrustStrategy() { @Override/* ww w .ja va 2 s . c o m*/ public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { return true; // Accept Self-Signed Certs } }; SSLSocketFactory sslSocketFactory = null; //Bypass check for hostname verification sslSocketFactory = new SSLSocketFactory(trustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sslSocketFactory; }
From source file:org.opencastproject.kernel.http.impl.HttpClientImpl.java
/** * Creates a new client that can deal with all kinds of oddities with regards to http/https connections. * /*w w w . j av a2 s. co m*/ * @return the client */ private DefaultHttpClient makeHttpClient() { DefaultHttpClient defaultHttpClient = new DefaultHttpClient(); try { logger.debug("Installing forgiving hostname verifier and trust managers"); X509TrustManager trustManager = createTrustManager(); X509HostnameVerifier hostNameVerifier = createHostNameVerifier(); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] { trustManager }, new SecureRandom()); SSLSocketFactory ssf = new SSLSocketFactory(sslContext, hostNameVerifier); ClientConnectionManager ccm = defaultHttpClient.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); } catch (NoSuchAlgorithmException e) { logger.error("Error creating context to handle TLS connections: {}", e.getMessage()); } catch (KeyManagementException e) { logger.error("Error creating context to handle TLS connections: {}", e.getMessage()); } return defaultHttpClient; }
From source file:org.xdi.oxd.license.client.LicenseClientTest.java
public static HttpClient createHttpClientTrustAll() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { // System.setProperty("javax.net.debug", "SSL,handshake,trustmanager"); // SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() { // @Override // public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { // return true; // } // }, new AllowAllHostnameVerifier()); SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() { @Override//w w w. ja va 2 s . c o m public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }, new X509HostnameVerifier() { @Override public void verify(String host, SSLSocket ssl) throws IOException { } @Override public void verify(String host, X509Certificate cert) throws SSLException { } @Override public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { } @Override public boolean verify(String s, SSLSession sslSession) { return true; } }); SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); registry.register(new Scheme("https", 443, sf)); ClientConnectionManager ccm = new PoolingClientConnectionManager(registry); return new DefaultHttpClient(ccm); }
From source file:cn.geowind.takeout.verify.CcopHttpClient.java
/** * SSL/*from ww w . j a va2s .c o m*/ * * @param hostname * ??IP?? * @param protocol * ????TLS-?? * @param port * ?? * @param scheme * ???? * @return HttpClient * @throws NoSuchAlgorithmException * @throws KeyManagementException */ public DefaultHttpClient registerSSL(String hostname, String protocol, int port, String scheme) throws NoSuchAlgorithmException, KeyManagementException { // HttpClient DefaultHttpClient httpclient = new DefaultHttpClient(); // SSL SSLContext ctx = SSLContext.getInstance(protocol); // ??? X509TrustManager tm = new X509TrustManager() { /** * CA?? */ public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } /** * ??? * * @param chain * ? * @param authType * ???authTypeRSA */ public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { if (chain == null || chain.length == 0) throw new IllegalArgumentException("null or zero-length certificate chain"); if (authType == null || authType.length() == 0) throw new IllegalArgumentException("null or zero-length authentication type"); boolean br = false; Principal principal = null; for (X509Certificate x509Certificate : chain) { principal = x509Certificate.getSubjectX500Principal(); if (principal != null) { br = true; return; } } if (!br) { throw new CertificateException("????"); } } /** * ?? */ public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }; // ?SSL ctx.init(null, new TrustManager[] { tm }, new java.security.SecureRandom()); // SSL SSLSocketFactory socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme sch = new Scheme(scheme, port, socketFactory); // SSL httpclient.getConnectionManager().getSchemeRegistry().register(sch); return httpclient; }
From source file:com.seajas.search.contender.http.ExclusiveConnectionManager.java
/** * Create a scheme registry which either trusts all certificates, or uses the HttpClient default. * * @param trustAllCertificates/*w ww.j av a 2 s . com*/ * @return SchemeRegistry * @throws NoSuchAlgorithmException * @throws KeyManagementException * @throws KeyStoreException * @throws UnrecoverableKeyException */ private static SchemeRegistry createSchemeRegistry(final Boolean trustAllCertificates) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { if (trustAllCertificates) { SchemeRegistry registry = new SchemeRegistry(); if (logger.isInfoEnabled()) logger.info("Trusting all certificates"); X509HostnameVerifier hostnameVerifier = new X509HostnameVerifier() { @Override public void verify(String host, SSLSocket ssl) throws IOException { // Do nothing } @Override public void verify(String host, X509Certificate cert) throws SSLException { //Do nothing } @Override public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { //Do nothing } @Override public boolean verify(String s, SSLSession sslSession) { return true; } }; registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); registry.register(new Scheme("https", 443, new SSLSocketFactory(new TrustStrategy() { @Override public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { return true; } }, hostnameVerifier)/* { @Override public Socket connectSocket(final Socket socket, final InetSocketAddress remoteAddress, final InetSocketAddress localAddress, final HttpParams param) throws IOException, UnknownHostException, ConnectTimeoutException { if (socket instanceof SSLSocket) { try { if (logger.isDebugEnabled()) { String currentHost = null; logger.debug("This JVM seems to potentially not support SNI - trying to fix"); try { currentHost = (String) FieldUtils.getFieldValue(socket, "host"); } catch (IllegalAccessException e) { logger.debug("Unable to access field 'host' from the underlaying SSLSocket"); } logger.debug("Overriding default socket hostname of " + (currentHost != null ? currentHost : "(null)") + " with " + remoteAddress.getHostName()); } PropertyUtils.setProperty(socket, "host", remoteAddress.getHostName()); } catch (NoSuchMethodException e) { if (logger.isDebugEnabled()) logger.debug(e); } catch (IllegalAccessException e) { if (logger.isDebugEnabled()) logger.debug(e); } catch (InvocationTargetException e) { if (logger.isDebugEnabled()) logger.debug(e); } } else { if (logger.isDebugEnabled()) logger.debug("This is not the JVM we're looking for - should support SNI"); } return super.connectSocket(socket, remoteAddress, localAddress, param); } } */)); return registry; } else return SchemeRegistryFactory.createDefault(); }
From source file:org.xdi.net.SslDefaultHttpClient.java
private SSLSocketFactory newSslSocketFactory() { try {/*from www .j a v a2 s. c o m*/ TrustManager[] trustManagers = this.trustManagers; if (useTrustManager) { trustManagers = getTrustManagers(); } KeyManager[] keyManagers = null; if (useKeyManager) { keyManagers = getKeyManagers(); } SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(keyManagers, trustManagers, new SecureRandom()); // Pass the keystore to the SSLSocketFactory SSLSocketFactory sf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sf; } catch (Exception ex) { throw new IllegalArgumentException("Failed to load keystore", ex); } }
From source file:es.tsb.ltba.nomhad.httpclient.NomhadHttpClient.java
/** * Authentication//from ww w . j a v a2 s. c om * * @param base * the client to be configured * @return the authentication-enabled client */ private static DefaultHttpClient wrapClient(HttpClient base) { try { SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); return new DefaultHttpClient(ccm, base.getParams()); } catch (Exception ex) { ex.printStackTrace(); return null; } }
From source file:com.tmount.business.cloopen.util.CcopHttpClient.java
/** * SSL//from ww w . j ava 2s.c o m * @param hostname ??IP?? * @param protocol ????TLS-?? * @param port ?? * @param scheme ???? * @return HttpClient * @throws NoSuchAlgorithmException * @throws KeyManagementException */ public DefaultHttpClient registerSSL(String hostname, String protocol, int port, String scheme) throws NoSuchAlgorithmException, KeyManagementException { //HttpClient DefaultHttpClient httpclient = new DefaultHttpClient(); //SSL SSLContext ctx = SSLContext.getInstance(protocol); //??? X509TrustManager tm = new X509TrustManager() { /** * ?? */ @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws java.security.cert.CertificateException { //? ? } /** * ??? * @param chain ? * @param authType ???authTypeRSA */ @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws java.security.cert.CertificateException { if (chain == null || chain.length == 0) throw new IllegalArgumentException("null or zero-length certificate chain"); if (authType == null || authType.length() == 0) throw new IllegalArgumentException("null or zero-length authentication type"); boolean br = false; Principal principal = null; for (X509Certificate x509Certificate : chain) { principal = x509Certificate.getSubjectX500Principal(); if (principal != null) { br = true; return; } } if (!br) { throw new CertificateException("????"); } } /** * CA?? */ @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }; //?SSL ctx.init(null, new TrustManager[] { tm }, new java.security.SecureRandom()); //SSL SSLSocketFactory socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme sch = new Scheme(scheme, port, socketFactory); //SSL httpclient.getConnectionManager().getSchemeRegistry().register(sch); return httpclient; }