List of usage examples for javax.net.ssl SSLContext init
public final void init(KeyManager[] km, TrustManager[] tm, SecureRandom random) throws KeyManagementException
From source file:it.serverSystem.HttpsTest.java
private void connectUntrusted() throws Exception { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; }//from w ww . ja v a 2s. c om public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager // SSLv3 is disabled since SQ 4.5.2 : https://jira.codehaus.org/browse/SONAR-5860 SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); SSLSocketFactory untrustedSocketFactory = sc.getSocketFactory(); // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; URL url = new URL("https://localhost:" + httpsPort + "/sessions/login"); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setAllowUserInteraction(true); connection.setSSLSocketFactory(untrustedSocketFactory); connection.setHostnameVerifier(allHostsValid); InputStream input = connection.getInputStream(); checkCookieFlags(connection); try { String html = IOUtils.toString(input); assertThat(html).contains("<body"); } finally { IOUtils.closeQuietly(input); } }
From source file:edu.washington.iam.tools.IamConnectionManager.java
public IamConnectionManager(String caFile, String certFile, String keyFile) { log.debug("create connection manager"); caFilename = caFile;//from w w w.j a v a 2 s . c o m certFilename = certFile; keyFilename = keyFile; String protocol = "https"; int port = 443; initManagers(); try { SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(keyManagers, trustManagers, null); socketFactory = new SSLSocketFactory(ctx); Scheme scheme = new Scheme(protocol, socketFactory, port); schemeRegistry = new SchemeRegistry(); schemeRegistry.register(scheme); log.debug("create conn mgr"); connectionManager = new ThreadSafeClientConnManager(new BasicHttpParams(), schemeRegistry); } catch (Exception e) { log.error("sf error: " + e); } }
From source file:com.devoteam.srit.xmlloader.http.bio.BIOChannelHttp.java
/** Open a connexion to each Stack */ public boolean open() throws Exception { if (this.secure) { StatPool.beginStatisticProtocol(StatPool.CHANNEL_KEY, StatPool.BIO_KEY, StackFactory.PROTOCOL_TLS, StackFactory.PROTOCOL_HTTP); } else {/* w w w . j av a2 s.c o m*/ StatPool.beginStatisticProtocol(StatPool.CHANNEL_KEY, StatPool.BIO_KEY, StackFactory.PROTOCOL_TCP, StackFactory.PROTOCOL_HTTP); } this.startTimestamp = System.currentTimeMillis(); if (null != this.socketServerHttp) { ThreadPool.reserve().start((BIOSocketServerHttp) socketServerHttp); } else { String host = this.getRemoteHost(); int port = this.getRemotePort(); DefaultHttpClientConnection defaultHttpClientConnection = new DefaultHttpClientConnection(); Socket socket; if (this.secure) { // Create a trust manager that does not validate certificate chains like the default TrustManager TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { //No need to implement. } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { //No need to implement. } } }; SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, null); socket = sslContext.getSocketFactory().createSocket(); // read all properties for the TCP socket Config.getConfigForTCPSocket(socket, true); } else { // // Create a TCP non secure socket // socket = new Socket(); // read all properties for the TCP socket Config.getConfigForTCPSocket(socket, false); } // // Bind the socket to the local address // String localHost = this.getLocalHost(); int localPort = initialLocalport; if (null != localHost) { socket.bind(new InetSocketAddress(localHost, localPort)); } else { socket.bind(new InetSocketAddress(localPort)); } socket.setReceiveBufferSize(65536); socket.connect(new InetSocketAddress(host, port)); this.setLocalPort(socket.getLocalPort()); HttpParams params = new BasicHttpParams(); defaultHttpClientConnection.bind(socket, params); this.socketClientHttp = new BIOSocketClientHttp(defaultHttpClientConnection, this); ThreadPool.reserve().start((BIOSocketClientHttp) socketClientHttp); } return true; }
From source file:no.kantega.kwashc.server.test.SSLProtocolTest.java
private HttpResponse checkClient(Site site, int httpsPort, HttpClient httpclient, String[] protocols, String[] ciphers) throws NoSuchAlgorithmException, KeyManagementException, IOException { SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { allowAllTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslcontext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpParams params = new BasicHttpParams(); params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000); params.setParameter(CoreConnectionPNames.SO_TIMEOUT, 1000); SSLSocket socket = (SSLSocket) sf.createSocket(params); if (protocols != null) { socket.setEnabledProtocols(protocols); }/* ww w .ja va 2s . c o m*/ if (ciphers != null) { socket.setEnabledCipherSuites(ciphers); } URL url = new URL(site.getAddress()); InetSocketAddress address = new InetSocketAddress(url.getHost(), httpsPort); sf.connectSocket(socket, address, null, params); Scheme sch = new Scheme("https", httpsPort, sf); httpclient.getConnectionManager().getSchemeRegistry().register(sch); HttpGet request = new HttpGet( "https://" + url.getHost() + ":" + site.getSecureport() + url.getPath() + "blog"); return httpclient.execute(request); }
From source file:com.grendelscan.proxy.ssl.TunneledSSLConnection.java
private SSLSocketFactory initializeSSLFactory() throws GeneralSecurityException, IOException { LOGGER.trace("Initializing SSL for tunnel"); if (ca == null) { LOGGER.trace("Getting the static CA"); ca = CertificateAuthority.getCertificateAuthority(); }/* ww w. j a v a 2 s . co m*/ KeyManagerFactory kmfactory; KeyStore keystore = ca.getKeyStore(destinationHostname); kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, ca.getKeyPassword()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(kmfactory.getKeyManagers(), null, null); return sslContext.getSocketFactory(); }
From source file:io.github.thefishlive.updater.HttpServer.java
public void run() { try {//from w ww .j a v a 2 s. c o m int port = GitUpdater.port; // Set up the HTTP protocol processor HttpProcessor httpproc = HttpProcessorBuilder.create().add(new ResponseDate()) .add(new ResponseServer("GitUpdater/1.0-SNAPSHOT")).add(new ResponseContent()) .add(new ResponseConnControl()).build(); // Set up request handlers UriHttpRequestHandlerMapper reqistry = new UriHttpRequestHandlerMapper(); reqistry.register("*", new ResponceHandler()); // Set up the HTTP service HttpService httpService = new HttpService(httpproc, reqistry); SSLServerSocketFactory sf = null; if (port == 8443) { // Initialize SSL context ClassLoader cl = getClass().getClassLoader(); URL url = cl.getResource("my.keystore"); if (url == null) { System.out.println("Keystore not found"); System.exit(1); } KeyStore keystore = KeyStore.getInstance("jks"); keystore.load(url.openStream(), "secret".toCharArray()); KeyManagerFactory kmfactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, "secret".toCharArray()); KeyManager[] keymanagers = kmfactory.getKeyManagers(); SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(keymanagers, null, null); sf = sslcontext.getServerSocketFactory(); } try { Thread t = new RequestListenerThread(port, httpService, sf); t.setDaemon(false); t.start(); } catch (BindException ex) { System.out.println("Error binding to port " + port); System.out.println("Perhaps another server is running on that port"); return; } catch (IOException ex) { ex.printStackTrace(); } } catch (Exception ex) { ex.printStackTrace(); } }
From source file:edu.mayo.xsltserver.controller.XsltServerController.java
public XsltServerController() { super();/* www .ja v a 2s .co m*/ try { final SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, TRUST_ALL_CERTS, new java.security.SecureRandom()); // Create an ssl socket factory with our all-trusting manager this.sslSocketFactory = sslContext.getSocketFactory(); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:org.jahia.tools.maven.plugins.LegalArtifactAggregator.java
private static Client getRestClient(String targetUrl) { if (clients.containsKey(targetUrl)) { return clients.get(targetUrl); }/*from w w w . j a v a 2s . c o m*/ Client client = null; if (targetUrl != null) { if (targetUrl.startsWith("https://")) { try { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); client = ClientBuilder.newBuilder().sslContext(sslContext).hostnameVerifier(allHostsValid) .build(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } } else { client = ClientBuilder.newClient(); } } if (client == null) { return null; } client.property(ClientProperties.CONNECT_TIMEOUT, 1000); client.property(ClientProperties.READ_TIMEOUT, 3000); /* HttpAuthenticationFeature feature = HttpAuthenticationFeature.basic(contextServerSettings.getContextServerUsername(), contextServerSettings.getContextServerPassword()); client.register(feature); */ clients.put(targetUrl, client); return client; }
From source file:com.sitewhere.groovy.device.communication.rest.RestHelper.java
/** * Create SSL context that allows bad certificates. * /*from www .j av a 2s . c o m*/ * @return */ protected SSLContext createContext() { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, null); SSLContext.setDefault(sc); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }); return sc; } catch (Exception e) { } return null; }