Example usage for javax.net.ssl SSLContext getSocketFactory

List of usage examples for javax.net.ssl SSLContext getSocketFactory

  1. HOME
  2. Java
  3. javax
  4. javax.net.ssl.*
  5. SSLContext
  6. getSocketFactory

Introduction

In this page you can find the example usage for javax.net.ssl SSLContext getSocketFactory.

Prototype

public final SSLSocketFactory getSocketFactory()

Source Link

Document

Returns a SocketFactory object for this context.

Usage

From source file:Main.java

private synchronized static SSLSocketFactory getDefaultSSLSocketFactory() {
    if (defaultSslSocketFactory == null) {
        try {/*from   ww  w  . ja va2 s.c o  m*/
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, null, null);
            defaultSslSocketFactory = sslContext.getSocketFactory();
        } catch (GeneralSecurityException e) {
            throw new AssertionError(); // The system has no TLS. Just give
            // up.
        }
    }
    return defaultSslSocketFactory;
}

From source file:Main.java

private static HttpsURLConnection setSSLSocketFactory(HttpsURLConnection connection)
        throws KeyManagementException, NoSuchAlgorithmException {
    SSLContext sc;
    sc = SSLContext.getInstance("TLS");
    sc.init(null, null, new java.security.SecureRandom());
    connection.setSSLSocketFactory(sc.getSocketFactory());
    return connection;
}

From source file:Main.java

/**
 * Creates an SSLSocketFactory which contains {@code certChainFile} as its only root certificate.
 *//*www .j ava 2 s  .  c om*/
public static SSLSocketFactory newSslSocketFactoryForCa(InputStream certChain) throws Exception {
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    X509Certificate cert = (X509Certificate) cf.generateCertificate(new BufferedInputStream(certChain));
    X500Principal principal = cert.getSubjectX500Principal();
    ks.setCertificateEntry(principal.getName("RFC2253"), cert);
    //    ks.setCertificateEntry("ca", cert);

    // Set up trust manager factory to use our key store.
    TrustManagerFactory trustManagerFactory = TrustManagerFactory
            .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(ks);
    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, trustManagerFactory.getTrustManagers(), null);
    return context.getSocketFactory();
}

From source file:Main.java

public static javax.net.ssl.SSLSocketFactory getSSLSocketFactoryIgnoreSSLCertificate() {
    // Create a trust manager that does not validate certificate chains
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }/*from w w w. j a v  a2 s.c  o  m*/

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
    } };

    // Install the all-trusting trust manager
    try {
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        return sc.getSocketFactory();
    } catch (Exception ignored) {
        return null;
    }
}

From source file:Main.java

public static SocketFactory getSocketFactoryWithCustomCA(InputStream stream) throws CertificateException,
        KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

    // Load CAs from an InputStream
    // (could be from a resource or ByteArrayInputStream or ...)
    CertificateFactory cf = CertificateFactory.getInstance("X.509");

    InputStream caInput = new BufferedInputStream(stream);
    Certificate ca;/*from ww w.j ava  2s.c  o m*/
    try {
        ca = cf.generateCertificate(caInput);
        System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
    } finally {
        try {
            caInput.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    // Create a KeyStore containing our trusted CAs
    String keyStoreType = KeyStore.getDefaultType();
    KeyStore keyStore = KeyStore.getInstance(keyStoreType);
    keyStore.load(null, null);
    keyStore.setCertificateEntry("ca", ca);

    // Create a TrustManager that trusts the CAs in our KeyStore
    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
    tmf.init(keyStore);

    // Create an SSLContext that uses our TrustManager
    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, tmf.getTrustManagers(), null);

    return context.getSocketFactory();
}

From source file:Main.java

/**
 * Generate a SSLSocketFactory wich checks the certificate given
 * @param context Context to use//from  w w w  . ja v  a2  s.  c o m
 * @param rResource int with url of the resource to read the certificate
 * @parma password String to use with certificate
 * @return SSLSocketFactory generated to validate this certificate
 */
public static SSLSocketFactory newSslSocketFactory(Context context, int rResource, String password)
        throws CertificateException, NoSuchProviderException, KeyStoreException, NoSuchAlgorithmException,
        IOException, UnrecoverableKeyException, KeyManagementException {

    // Get an instance of the Bouncy Castle KeyStore format
    KeyStore trusted = KeyStore.getInstance("BKS");
    // Get the raw resource, which contains the keystore with
    // your trusted certificates (root and any intermediate certs)
    InputStream is = context.getApplicationContext().getResources().openRawResource(rResource);

    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", "BC");
    X509Certificate cert = (X509Certificate) certificateFactory.generateCertificate(is);
    String alias = "alias";//cert.getSubjectX500Principal().getName();

    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    trustStore.load(null);
    trustStore.setCertificateEntry(alias, cert);
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
    kmf.init(trustStore, null);
    KeyManager[] keyManagers = kmf.getKeyManagers();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init(trustStore);
    TrustManager[] trustManagers = tmf.getTrustManagers();

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagers, trustManagers, null);
    return sslContext.getSocketFactory();

}

From source file:Main.java

/**
 * Trust every server - don't check for any certificate only for testing!
 *//*from w w w.j  a v a 2  s .co  m*/
private static void trustAllHosts() {
    // Create a trust manager that does not validate certificate chains
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[] {};
        }

        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }
    } };

    // Install the all-trusting trust manager
    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (Exception e) {
        e.printStackTrace();
    }
}

From source file:org.apache.cassandra.security.SSLFactory.java

/** Create a socket and connect, using any local address */
public static SSLSocket getSocket(EncryptionOptions options, InetAddress address, int port) throws IOException {
    SSLContext ctx = createSSLContext(options, true);
    SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(address, port);
    String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(), options.cipher_suites);
    socket.setEnabledCipherSuites(suits);
    socket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
    return socket;
}

From source file:org.apache.cassandra.security.SSLFactory.java

/** Just create a socket */
public static SSLSocket getSocket(EncryptionOptions options) throws IOException {
    SSLContext ctx = createSSLContext(options, true);
    SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket();
    String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(), options.cipher_suites);
    socket.setEnabledCipherSuites(suits);
    socket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
    return socket;
}

From source file:org.apache.cassandra.security.SSLFactory.java

/** Create a socket and connect */
public static SSLSocket getSocket(EncryptionOptions options, InetAddress address, int port,
        InetAddress localAddress, int localPort) throws IOException {
    SSLContext ctx = createSSLContext(options, true);
    SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(address, port, localAddress, localPort);
    String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(), options.cipher_suites);
    socket.setEnabledCipherSuites(suits);
    socket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
    return socket;
}