List of usage examples for javax.net.ssl SSLContext init
public final void init(KeyManager[] km, TrustManager[] tm, SecureRandom random) throws KeyManagementException
From source file:org.apache.geode.rest.internal.web.GeodeRestClient.java
/**
 * Executes {@code request} against the REST endpoint described by {@code bindAddress},
 * {@code restPort} and {@code protocol}, and returns the response as-is.
 *
 * <p>If {@code username} is non-null, username/password credentials scoped to the target
 * host and port are registered on the client. If {@code useHttps} is set, the client gets
 * a custom {@link SSLContext} and a hostname verifier that accepts any host name.
 *
 * <p>NOTE(review): with {@code useHttps} the server's identity is not bound to its host
 * name ({@code NoopHostnameVerifier}), and chain validation is delegated to
 * {@code DefaultTrustManager}, which is declared elsewhere. Presumably it accepts
 * self-signed certificates; confirm before using this client outside tests, because the
 * credentials above are sent over that connection.
 *
 * <p>The client built here is not closed by this method.
 *
 * @param request the request to execute
 * @param username user name for authentication, or {@code null} for an anonymous request
 * @param password password that goes with {@code username}
 * @return the response returned by the HTTP client
 * @throws Exception if the TLS context cannot be created or the request fails
 */
public HttpResponse doRequest(HttpRequestBase request, String username, String password)
        throws Exception {
    HttpHost endpoint = new HttpHost(bindAddress, restPort, protocol);
    HttpClientBuilder builder = HttpClients.custom();
    HttpClientContext requestContext = HttpClientContext.create();

    boolean authenticated = username != null;
    if (authenticated) {
        // Credentials are scoped to this host and port only, not to any realm or scheme.
        AuthScope scope = new AuthScope(endpoint.getHostName(), endpoint.getPort());
        CredentialsProvider credentials = new BasicCredentialsProvider();
        credentials.setCredentials(scope, new UsernamePasswordCredentials(username, password));
        builder.setDefaultCredentialsProvider(credentials);
    }

    if (useHttps) {
        SSLContext tls = SSLContext.getInstance("TLS");
        // Empty key-manager array: no client certificate is offered.
        KeyManager[] noClientKeys = new KeyManager[0];
        TrustManager[] trustManagers = new TrustManager[] { new DefaultTrustManager() };
        tls.init(noClientKeys, trustManagers, new SecureRandom());
        builder.setSSLContext(tls);
        // Disables the check that the certificate matches the host being contacted.
        builder.setSSLHostnameVerifier(new NoopHostnameVerifier());
    }

    return builder.build().execute(endpoint, request, requestContext);
}
From source file:org.appenders.log4j2.elasticsearch.jest.JKSCertInfo.java
/**
 * Configures mutual TLS on {@code clientConfigBuilder} from two JKS files: the key store at
 * {@code keystorePath} (client key material) and the trust store at {@code truststorePath}
 * (accepted issuers).
 *
 * <p>NOTE(review): the two transports end up with different host name checks. The blocking
 * socket factory is built with the single-argument {@code SSLConnectionSocketFactory}
 * constructor, which leaves the library's default verifier in place. The async session
 * strategy is given a {@code NoopHostnameVerifier}, so on that path any certificate that
 * chains to the trust store is accepted regardless of the host name it was issued for.
 *
 * @param clientConfigBuilder builder that receives the socket factory and session strategy
 * @throws ConfigurationException if a store cannot be read or the TLS context cannot be built
 */
@Override
public void applyTo(HttpClientConfig.Builder clientConfigBuilder) {
    try (FileInputStream keyStoreStream = new FileInputStream(new File(keystorePath));
            FileInputStream trustStoreStream = new FileInputStream(new File(truststorePath))) {

        // Client identity: the same password opens the store and unlocks the key entries.
        char[] keyStoreSecret = keystorePassword.toCharArray();
        KeyStore clientKeys = KeyStore.getInstance("jks");
        clientKeys.load(keyStoreStream, keyStoreSecret);
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(clientKeys, keystorePassword.toCharArray());

        // Trust anchors: only issuers present in this store are accepted.
        KeyStore anchors = KeyStore.getInstance("jks");
        anchors.load(trustStoreStream, truststorePassword.toCharArray());
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(anchors);

        // A null SecureRandom selects the default implementation.
        SSLContext tls = SSLContext.getInstance("TLS");
        tls.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        // TODO: add support for hostname verification modes
        SSLConnectionSocketFactory blockingFactory = new SSLConnectionSocketFactory(tls);
        clientConfigBuilder.sslSocketFactory(blockingFactory);
        SSLIOSessionStrategy asyncStrategy =
                new SSLIOSessionStrategy(tls, new NoopHostnameVerifier());
        clientConfigBuilder.httpsIOSessionStrategy(asyncStrategy);
    } catch (IOException | GeneralSecurityException e) {
        throw new ConfigurationException(configExceptionMessage, e);
    }
}
From source file:com.ericsson.gerrit.plugins.syncindex.HttpClientProvider.java
/**
 * Builds a TLS context whose only trust manager is a {@code DummyX509TrustManager}.
 *
 * <p>NOTE(review): {@code DummyX509TrustManager} is declared elsewhere. Its name suggests it
 * performs no chain validation; if so, connections made with this context do not
 * authenticate the peer. Confirm, and prefer a trust store holding the expected CA.
 *
 * @return the initialised context, or {@code null} if it could not be built (the failure is
 *     logged at warn level, so callers must handle {@code null})
 */
private SSLContext buildSslContext() {
    SSLContext result = null;
    try {
        TrustManager[] managers = new TrustManager[] { new DummyX509TrustManager() };
        SSLContext tls = SSLContext.getInstance("TLS");
        // No key managers (no client certificate) and the default SecureRandom.
        tls.init(null, managers, null);
        result = tls;
    } catch (KeyManagementException | NoSuchAlgorithmException e) {
        log.warn("Error building SSLContext object", e);
    }
    return result;
}
From source file:io.reappt.adapters.kafka.KafkaAdapter.java
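/**
 * Opens a Diffusion session to {@code url}, authenticating as {@code reapptUser}.
 *
 * <p>The session uses a connection timeout of 10000 and a reconnection timeout of 5000, the
 * default error handler, and a custom {@link SSLContext}.
 *
 * <p>The context is requested as {@code "TLS"} rather than {@code "TLSv1"}. TLS 1.0 is
 * deprecated and recent JDK releases disable it by default through the
 * {@code jdk.tls.disabledAlgorithms} security property, so a context limited to it can
 * fail to handshake. {@code "TLS"} lets the runtime negotiate the best version both sides
 * support.
 *
 * <p>NOTE(review): the trust manager below accepts every certificate, so the server is not
 * authenticated. When {@code url} is a TLS endpoint, the principal and password set on the
 * session travel over a connection that an on-path party could terminate. The original
 * comment says this is for testing; replace it with a trust store containing the expected
 * CA before production use.
 *
 * @param url the server URL to connect to
 * @param reapptUser principal used to authenticate the session
 * @param reapptPassword password for {@code reapptUser}
 * @return the opened session
 * @throws KeyManagementException if the TLS context cannot be initialised
 * @throws NoSuchAlgorithmException if no provider supports the requested TLS context
 */
private Session createSession(String url, String reapptUser, String reapptPassword)
        throws KeyManagementException, NoSuchAlgorithmException {
    // For the purpose of the test we accept every certificate.
    TrustManager trustManager = new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
            // Intentionally empty: no validation is performed.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
            // Intentionally empty: any server chain is accepted.
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    };

    // "TLS" instead of "TLSv1": do not restrict the context to a deprecated protocol version.
    final SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, new TrustManager[] { trustManager }, null);

    return Diffusion.sessions()
            .connectionTimeout(10000)
            .errorHandler(new Session.ErrorHandler.Default())
            .principal(reapptUser)
            .password(reapptPassword)
            .reconnectionTimeout(5000)
            .sslContext(context)
            .open(url);
}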
From source file:ti.modules.titanium.network.NonValidatingSSLSocketFactory.java
/**
 * Creates the factory by building a TLS context around a single
 * {@code NonValidatingTrustManager} and keeping that context's socket factory in
 * {@code sslFactory}.
 *
 * <p>NOTE(review): {@code NonValidatingTrustManager} is declared elsewhere. As the class
 * names indicate, sockets from this factory presumably skip certificate validation, so they
 * provide encryption without peer authentication.
 *
 * <p>Any failure is only logged; {@code sslFactory} is then not assigned by this constructor.
 */
public NonValidatingSSLSocketFactory() {
    try {
        SSLContext tls = SSLContext.getInstance("TLS");
        // No key managers: no client certificate is offered.
        tls.init(null, new TrustManager[] { new NonValidatingTrustManager() }, new SecureRandom());
        sslFactory = tls.getSocketFactory();
    } catch (Exception e) {
        Log.e(TAG, e.getMessage(), e);
    }
}
From source file:com.amazon.alexa.avs.companion.ProvisioningClient.java
/**
 * Returns a socket factory that trusts only the CA certificate bundled with the app as the
 * raw resource {@code R.raw.ca}.
 *
 * <p>The certificate is parsed as X.509 and stored as the single entry of an otherwise empty
 * key store, which then backs the trust managers. This restricts the trust anchor to that
 * CA and replaces the platform trust store for these sockets. It does not pin a particular
 * server certificate or public key.
 *
 * <p>Host name verification is not configured here; it depends on how the caller uses the
 * returned factory.
 *
 * @param context Android context used to open the bundled CA resource
 * @return a socket factory backed by the single-CA trust store
 * @throws Exception if the certificate cannot be read or the TLS context cannot be built
 */
private SSLSocketFactory getPinnedSSLSocketFactory(Context context) throws Exception {
    InputStream bundledCa = null;
    try {
        bundledCa = context.getResources().openRawResource(R.raw.ca);
        CertificateFactory x509 = CertificateFactory.getInstance("X.509");
        Certificate anchor = x509.generateCertificate(bundledCa);

        // load(null, null) creates an empty in-memory store; the CA is its only entry.
        KeyStore anchors = KeyStore.getInstance(KeyStore.getDefaultType());
        anchors.load(null, null);
        anchors.setCertificateEntry("myca", anchor);

        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(anchors);

        // No key managers (no client certificate) and the default SecureRandom.
        SSLContext tls = SSLContext.getInstance("TLS");
        tls.init(null, tmf.getTrustManagers(), null);
        return tls.getSocketFactory();
    } finally {
        IOUtils.closeQuietly(bundledCa);
    }
}
From source file:org.appenders.log4j2.elasticsearch.jest.PEMCertInfo.java
/**
 * Configures mutual TLS on {@code builder} from PEM files: the client certificate at
 * {@code clientCertPath}, its private key at {@code keyPath} and the CA bundle at
 * {@code caPath}.
 *
 * <p>The BouncyCastle provider is registered first if it is not already installed.
 *
 * <p>NOTE(review): {@code keyPassphrase} is passed to {@code PemReader} through
 * {@code Optional.ofNullable}, which suggests it may be {@code null}, yet it is dereferenced
 * unconditionally when the key manager factory is initialised. A {@code null} passphrase
 * would raise {@code NullPointerException}, which the catch clause does not translate.
 *
 * <p>NOTE(review): the async session strategy is given a {@code NoopHostnameVerifier}, so on
 * that path certificates are not matched against the host name. The blocking socket factory
 * is built with the single-argument constructor and keeps the library's default verifier.
 *
 * @param builder builder that receives the socket factory and session strategy
 * @throws ConfigurationException if a file cannot be read or the TLS context cannot be built
 */
@Override
public void applyTo(HttpClientConfig.Builder builder) {
    boolean bouncyCastleMissing =
            java.security.Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null;
    if (bouncyCastleMissing) {
        java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    }

    try (FileInputStream certStream = new FileInputStream(new File(clientCertPath));
            FileInputStream keyStream = new FileInputStream(new File(keyPath));
            FileInputStream caStream = new FileInputStream(new File(caPath))) {

        // Client identity assembled from the PEM certificate and key.
        KeyStore clientKeys =
                PemReader.loadKeyStore(certStream, keyStream, Optional.ofNullable(keyPassphrase));
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(clientKeys, keyPassphrase.toCharArray());

        // Trust anchors: only the CAs in the supplied bundle are accepted.
        KeyStore anchors = PemReader.loadTrustStore(caStream);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(anchors);

        // A null SecureRandom selects the default implementation.
        SSLContext tls = SSLContext.getInstance("TLS");
        tls.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        // TODO: add support for hostname verification modes
        SSLConnectionSocketFactory blockingFactory = new SSLConnectionSocketFactory(tls);
        builder.sslSocketFactory(blockingFactory);
        SSLIOSessionStrategy asyncStrategy =
                new SSLIOSessionStrategy(tls, new NoopHostnameVerifier());
        builder.httpsIOSessionStrategy(asyncStrategy);
    } catch (IOException | GeneralSecurityException e) {
        throw new ConfigurationException(configExceptionMessage, e);
    }
}
From source file:co.cask.cdap.gateway.router.NettyRouterHttpsTest.java
/**
 * Supplies a TLS socket factory whose trust manager accepts every certificate chain.
 *
 * <p>Both check methods of the trust manager are empty, so no client or server chain is ever
 * rejected. The enclosing file is named as a router HTTPS test; a context built this way
 * gives encryption without peer authentication and belongs in test code only.
 *
 * @return a socket factory from the accept-all TLS context
 * @throws Exception if the TLS context cannot be created or initialised
 */
@Override
protected SocketFactory getSocketFactory() throws Exception {
    SSLContext tls = SSLContext.getInstance("TLS");

    X509TrustManager acceptAll = new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
                throws CertificateException {
            // Intentionally empty: no validation is performed.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
                throws CertificateException {
            // Intentionally empty: any server chain is accepted.
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    };

    // No key managers: no client certificate is offered.
    tls.init(null, new TrustManager[] { acceptAll }, new java.security.SecureRandom());
    return tls.getSocketFactory();
}
From source file:jp.pigumer.mqtt.Client.java
/**
 * Builds {@code options} for the MQTT connection: user name, password and, when trust
 * managers are available, a TLS socket factory based on them.
 *
 * <p>If {@code initTrustManagers()} yields nothing, or building the context fails, no socket
 * factory is set and the options keep their default. A failure is logged at SEVERE level but
 * does not stop the connection from being configured. NOTE(review): confirm that proceeding
 * without the custom trust configuration is acceptable for the deployment.
 *
 * <p>NOTE(review): requesting {@code "TLSv1.2"} rather than {@code "TLS"} presumably caps the
 * negotiated version at TLS 1.2 on the default provider. Confirm that is intended.
 */
void createMqttConnectOptions() {
    Optional<SSLContext> tlsContext = initTrustManagers().flatMap(managers -> {
        try {
            SSLContext ctx = SSLContext.getInstance("TLSv1.2");
            // No key managers: no client certificate is offered.
            ctx.init(null, managers, new SecureRandom());
            return Optional.of(ctx);
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "failed load", e);
            return Optional.<SSLContext>empty();
        }
    });

    options = new MqttConnectOptions();
    options.setUserName(userName);
    options.setPassword(password);

    if (tlsContext.isPresent()) {
        options.setSocketFactory(tlsContext.get().getSocketFactory());
    }
}