List of usage examples for javax.net.ssl SSLParameters SSLParameters
public SSLParameters()
From source file:com.vmware.bdd.security.tls.SimpleSeverTrustTlsSocketFactory.java
/** * factory method for custom usage./*from w ww . j av a 2 s.c om*/ * * @return a factory */ public static SSLSocketFactory makeSSLSocketFactory(TrustStoreConfig trustStoreCfg) { check(trustStoreCfg); SimpleServerTrustManager simpleServerTrustManager = new SimpleServerTrustManager(); simpleServerTrustManager.setTrustStoreConfig(trustStoreCfg); /** * Initialize our own trust manager */ TrustManager[] trustManagers = new TrustManager[] { simpleServerTrustManager }; SSLContext customSSLContext = null; try { /** * Instantiate a context that implements the family of TLS protocols */ customSSLContext = SSLContext.getInstance("TLS"); /** * Initialize SSL context. Default instances of KeyManager and * SecureRandom are used. */ customSSLContext.init(null, trustManagers, null); } catch (NoSuchAlgorithmException e) { throw new TlsInitException("SSLContext_INIT_ERR", e); } catch (KeyManagementException e) { throw new TlsInitException("SSLContext_INIT_ERR", e); } TlsClientConfiguration tlsClientConfiguration = new TlsClientConfiguration(); /** * Build connection configuration and pass to socket */ SSLParameters params = new SSLParameters(); params.setCipherSuites(tlsClientConfiguration.getCipherSuites()); params.setProtocols(tlsClientConfiguration.getSslProtocols()); // params.setEndpointIdentificationAlgorithm( // config.getEndpointIdentificationAlgorithm()); /** * Use the SSLSocketFactory generated by the SSLContext and wrap it to * enable custom cipher suites and protocols */ return new SimpleSeverTrustTlsSocketFactory(customSSLContext.getSocketFactory(), params); }
From source file:mitm.BouncyCastleSslEngineSource.java
private boolean tryHostNameVerificationJava7(SSLEngine sslEngine) { for (Method method : SSLParameters.class.getMethods()) { // method is available since Java 7 if ("setEndpointIdentificationAlgorithm".equals(method.getName())) { SSLParameters sslParams = new SSLParameters(); try { method.invoke(sslParams, "HTTPS"); } catch (IllegalAccessException e) { LOG.debug("SSLParameters#setEndpointIdentificationAlgorithm", e); return false; } catch (InvocationTargetException e) { LOG.debug("SSLParameters#setEndpointIdentificationAlgorithm", e); return false; }// ww w.j av a 2s . co m sslEngine.setSSLParameters(sslParams); return true; } } return false; }
From source file:org.alfresco.repo.security.authentication.ldap.AlfrescoLdapSSLSocketFactory.java
private void addHostNameVerification(SSLSocket sslSocket) { if (useJava6CodeBase == null || useJava6CodeBase) { //Try to use SSLSocketImpl.trySetHostnameVerification method that is supported by java6 and lower try {/*from w w w.j a va2 s . c om*/ Method m = sslSocket.getClass().getMethod("trySetHostnameVerification", String.class); m.invoke(sslSocket, "LDAP"); useJava6CodeBase = true; useJava7CodeBase = false; } catch (Throwable e) { useJava6CodeBase = false; } } if (useJava7CodeBase == null || useJava7CodeBase) { //Try to use sslParams.setEndpointIdentificationAlgorithm method that is supported by java 7 and higher try { SSLParameters sslParams = new SSLParameters(); Method m = sslParams.getClass().getMethod("setEndpointIdentificationAlgorithm", String.class); m.invoke(sslParams, "LDAPS"); sslSocket.setSSLParameters(sslParams); useJava6CodeBase = false; useJava7CodeBase = true; } catch (Throwable ee) { useJava7CodeBase = false; if (useJava6CodeBase == false && logger.isWarnEnabled()) { logger.warn("AlfrescoLdapSSLSocketFactory: Unable to turn on Hostname Verification"); } } } }