List of usage examples for javax.net.ssl SSLContext getInstance
public static SSLContext getInstance(String protocol) throws NoSuchAlgorithmException
From source file:com.esri.geoevent.test.performance.bds.BdsEventConsumer.java
private void trustAll() { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override/* ww w .j a v a 2 s .c o m*/ public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (GeneralSecurityException e) { System.out.println("Oops"); } }
From source file:co.cask.cdap.gateway.router.NettyRouterHttpsTest.java
@Override protected SocketFactory getSocketFactory() throws Exception { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, new TrustManager[] { new X509TrustManager() { @Override/*from w w w . ja v a 2 s . c om*/ public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } } }, new java.security.SecureRandom()); return sc.getSocketFactory(); }
From source file:dk.netarkivet.common.distribute.HTTPSRemoteFileRegistry.java
private HTTPSRemoteFileRegistry() { FileInputStream keyStoreInputStream = null; try {/* w w w .j av a 2 s . c o m*/ keyStoreInputStream = new FileInputStream(KEYSTORE_PATH); KeyStore store = KeyStore.getInstance(SUN_JCEKS_KEYSTORE_TYPE); store.load(keyStoreInputStream, KEYSTORE_PASSWORD.toCharArray()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(SUN_X509_CERTIFICATE_ALGORITHM); kmf.init(store, KEY_PASSWORD.toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(SUN_X509_CERTIFICATE_ALGORITHM); tmf.init(store); sslContext = SSLContext.getInstance(SSL_PROTOCOL); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), SecureRandom.getInstance(SHA1_PRNG_RANDOM_ALGORITHM)); } catch (GeneralSecurityException | IOException e) { throw new IOFailure("Unable to create secure environment for keystore '" + KEYSTORE_PATH + "'", e); } finally { IOUtils.closeQuietly(keyStoreInputStream); } }
From source file:io.apiman.manager.api.es.DefaultEsClientFactory.java
/** * @param httpConfig/*www . ja v a 2s . co m*/ */ @SuppressWarnings("nls") private void updateSslConfig(Builder httpConfig) { try { String clientKeystorePath = getConfig().get("client-keystore"); String clientKeystorePassword = getConfig().get("client-keystore.password"); String trustStorePath = getConfig().get("trust-store"); String trustStorePassword = getConfig().get("trust-store.password"); SSLContext sslContext = SSLContext.getInstance("TLS"); Info kPathInfo = new Info(clientKeystorePath, clientKeystorePassword); Info tPathInfo = new Info(trustStorePath, trustStorePassword); sslContext.init(KeyStoreUtil.getKeyManagers(kPathInfo), KeyStoreUtil.getTrustManagers(tPathInfo), null); HostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); SchemeIOSessionStrategy httpsIOSessionStrategy = new SSLIOSessionStrategy(sslContext, hostnameVerifier); httpConfig.defaultSchemeForDiscoveredNodes("https"); httpConfig.sslSocketFactory(sslSocketFactory); // for sync calls httpConfig.httpsIOSessionStrategy(httpsIOSessionStrategy); // for async calls } catch (Exception e) { throw new RuntimeException(e); } }
From source file:com.saylor.harrison.opustestround2.audio.WebSocketUploader.java
/** * Trust server// ww w.ja va 2s .co m * * @throws KeyManagementException * @throws NoSuchAlgorithmException */ private void trustServer() throws KeyManagementException, NoSuchAlgorithmException, IOException { // Create a trust manager that does not validate certificate chains TrustManager[] certs = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[] {}; } public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; SSLContext sslContext = null; sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, certs, new java.security.SecureRandom()); SSLSocketFactory factory = sslContext.getSocketFactory(); this.setSocket(factory.createSocket()); }
From source file:org.dataconservancy.archive.impl.fcrepo.ri.MultiThreadedHttpClient.java
private static SSLSocketFactory createSSLSocketFactory(boolean skipSSLTrustCheck, boolean skipSSLHostnameVerification) { SSLContext sslContext = null; try {//ww w . jav a 2 s . c om if (skipSSLTrustCheck) { sslContext = SSLContext.getInstance("TLS"); TrustManager easyTrustManager = new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { // Oh, I am easy! } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // Oh, I am easy! } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[] { easyTrustManager }, null); } else { sslContext = SSLContext.getDefault(); } } catch (KeyManagementException wontHappen) { throw new RuntimeException(wontHappen); } catch (NoSuchAlgorithmException wontHappen) { throw new RuntimeException(wontHappen); } SSLSocketFactory factory = new SSLSocketFactory(sslContext); if (skipSSLHostnameVerification) { factory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); } return factory; }
From source file:com.bt.pi.api.http.SimpleHttpsServerFactoryBean.java
protected HttpServer getInitializedServer(InetSocketAddress address) throws IOException { HttpsServer server = HttpsServer.create(address, getBacklog()); try {//from w ww. j av a2s. c o m SSLContext sslContext = SSLContext.getInstance(sslContextProtocol); KeyStore ks = KeyStore.getInstance(keyStoreType); InputStream is = keyStoreLocation.getInputStream(); try { ks.load(is, password); } catch (EOFException e) { LOG.warn(String.format( "Unable to load certificate store %s. This may be possible because https isn't enabled with a valid certificate", keyStoreLocation)); return null; } KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm); kmf.init(ks, password); TrustManagerFactory tmf = TrustManagerFactory.getInstance(trustManagerAlgorithm); tmf.init(ks); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); final SSLEngine m_engine = sslContext.createSSLEngine(); server.setHttpsConfigurator(new HttpsConfigurator(sslContext) { public void configure(HttpsParameters params) { params.setSSLParameters(getSSLContext().getDefaultSSLParameters()); params.setNeedClientAuth(false); params.setWantClientAuth(false); params.setCipherSuites(m_engine.getEnabledCipherSuites()); params.setProtocols(m_engine.getEnabledProtocols()); } }); } catch (Throwable e) { throw new IOException("initializing HttpsServer failed due to exception", e); } return server; }