List of usage examples for javax.net.ssl SSLSocketFactory createSocket
@Override public Socket createSocket(InetAddress address, int port) throws IOException
From source file:com.sonatype.nexus.ssl.plugin.internal.CertificateRetriever.java
/**
 * Fetches the certificate chain that {@code host:port} presents during a TLS handshake,
 * using a direct socket connection.
 *
 * <p>The handshake runs with {@code ACCEPT_ALL_TRUST_MANAGER} as its only trust manager.
 * Going by that name, the peer chain is not validated here (NOTE(review): confirm against the
 * constant's definition). The returned certificates therefore describe whatever endpoint
 * answered on the network path. Callers should validate the chain, or have an operator
 * confirm a fingerprint, before adding any of it to a trust store.
 *
 * <p>No connect or read timeout is set on the socket in this method.
 *
 * @param host to get certificate chain from (cannot be null)
 * @param port of host to connect to
 * @return certificate chain presented by the peer
 * @throws Exception Re-thrown from accessing the remote host
 */
public Certificate[] retrieveCertificates(final String host, final int port) throws Exception {
    checkNotNull(host);
    log.info("Retrieving certificate from {}:{} using direct socket connection", host, port);

    final SSLContext acceptAllContext = SSLContext.getInstance("TLS");
    acceptAllContext.init(null, new TrustManager[] { ACCEPT_ALL_TRUST_MANAGER }, null);

    // Nothing needs closing if the connection attempt itself throws.
    final SSLSocket socket = (SSLSocket) acceptAllContext.getSocketFactory().createSocket(host, port);
    try {
        socket.startHandshake();
        return socket.getSession().getPeerCertificates();
    } finally {
        socket.close();
    }
}
From source file:test.integ.be.fedict.trust.SSLTrustValidatorTest.java
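/**
 * Integration test: connects to {@code test.eid.belgium.be:443} with key managers from the
 * "BeID" provider, reads the peer certificate chain and runs it through a
 * {@code TrustValidator}.
 *
 * <p>The trust point registered below is the last certificate of the chain the server itself
 * presented. The validation therefore checks the chain against an anchor taken from the same
 * response and does not establish who the server is. That is acceptable for exercising the
 * validator, but it is not a pattern for authenticating a server.
 *
 * @throws Exception on any provider, network or validation failure
 */
@Test
public void testTestEIDBelgiumBe() throws Exception {
    Security.addProvider(new BeIDProvider());
    SSLContext sslContext = SSLContext.getInstance("TLS");
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("BeID");
    keyManagerFactory.init(null);
    SecureRandom secureRandom = new SecureRandom();
    // NOTE(review): what ClientTestX509TrustManager accepts is not visible here; it decides
    // how the server chain is checked during the handshake. Confirm it is test-only.
    sslContext.init(keyManagerFactory.getKeyManagers(),
            new TrustManager[] { new ClientTestX509TrustManager() }, secureRandom);
    SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
    SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket("test.eid.belgium.be", 443);
    Certificate[] peerCertificates;
    try {
        LOG.debug("socket created");
        // getSession() performs the handshake if it has not happened yet.
        SSLSession sslSession = sslSocket.getSession();
        peerCertificates = sslSession.getPeerCertificates();
    } finally {
        // The chain has been copied out; release the connection even when the handshake fails.
        sslSocket.close();
    }
    for (Certificate peerCertificate : peerCertificates) {
        LOG.debug("peer certificate: " + ((X509Certificate) peerCertificate).getSubjectX500Principal());
    }

    MemoryCertificateRepository repository = new MemoryCertificateRepository();
    // Last element of the presented chain becomes the trust anchor for this run.
    repository.addTrustPoint((X509Certificate) peerCertificates[peerCertificates.length - 1]);

    TrustValidator trustValidator = new TrustValidator(repository);
    TrustValidatorDecorator trustValidatorDecorator = new TrustValidatorDecorator();
    trustValidatorDecorator.addDefaultTrustLinkerConfig(trustValidator);

    trustValidator.isTrusted(peerCertificates);
}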
From source file:org.apache.jmeter.util.HttpSSLProtocolSocketFactory.java
/**
 * Opens a socket to the given address and port through the factory returned by
 * {@code getSSLSocketFactory()}, records it with {@code setSocket} and returns the result of
 * {@code wrapSocket}.
 *
 * <p>This overload receives an {@code InetAddress} rather than a host name, and no hostname
 * check is performed in this method. NOTE(review): confirm where, if anywhere, the peer
 * identity is verified for sockets created this way.
 *
 * @param host address to connect to
 * @param port port to connect to
 * @return the socket as returned by {@code wrapSocket}
 * @throws IOException if the socket cannot be created
 */
@Override
public Socket createSocket(InetAddress host, int port) throws IOException {
    final Socket created = getSSLSocketFactory().createSocket(host, port);
    setSocket(created);
    return wrapSocket(created);
}
From source file:org.apache.jmeter.util.HttpSSLProtocolSocketFactory.java
/**
 * Opens a socket to {@code host:port} through the factory returned by
 * {@code getSSLSocketFactory()}, records it with {@code setSocket} and returns the result of
 * {@code wrapSocket}.
 *
 * <p>No hostname verification is performed in this method. NOTE(review): confirm whether
 * {@code wrapSocket} or the configured factory takes care of it.
 *
 * @param host host name to connect to
 * @param port port to connect to
 * @return the socket as returned by {@code wrapSocket}
 * @throws IOException if the socket cannot be created
 * @throws UnknownHostException if the host cannot be resolved
 * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
 */
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
    final Socket created = getSSLSocketFactory().createSocket(host, port);
    setSocket(created);
    return wrapSocket(created);
}
From source file:test.integ.be.fedict.trust.XKMSTrustTest.java
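/**
 * Integration test: reads the XKMS server's public key from a TLS handshake, hands it to the
 * XKMS2 client with {@code setServicePublicKey} and validates a signing certificate chain
 * against the non-repudiation trust domain.
 *
 * <p>Two process-wide settings are touched and not restored in this method: whatever
 * {@code SSLTrustManager.initialize()} installs, and the default {@code HostnameVerifier}.
 *
 * @throws Exception on any network or validation failure
 */
@Test
public void testValidateUnilateralTLSTrust() throws Exception {
    LOG.debug("validate using unilateral TLS Trust.");

    // Retrieve server public key
    // NOTE(review): what SSLTrustManager.initialize() installs is not visible here; it
    // determines how the server chain is checked during the handshake below.
    SSLTrustManager.initialize();
    SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
    SSLSocket socket = (SSLSocket) factory.createSocket(TestUtils.XKMS_WS_HOST, port);
    PublicKey publicKey;
    try {
        socket.startHandshake();
        Certificate[] serverCerts = socket.getSession().getPeerCertificates();
        publicKey = serverCerts[0].getPublicKey();
        LOG.debug("server public key: " + publicKey);
    } finally {
        // Close the probe connection even when the handshake or chain access throws.
        socket.close();
    }

    /*
     * Override default verification that CN of server SSL certificate has
     * to be equal to the hostname.
     *
     * The replacement only compares the requested host name with the configured test host
     * and never looks at the certificate in the session. It becomes the JVM-wide default
     * for HttpsURLConnection and stays installed after this test.
     */
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return hostname.equals(TestUtils.XKMS_WS_HOST);
        }
    });

    // setup
    List<X509Certificate> signCertificateChain = TestUtils.getSignCertificateChain();
    XKMS2Client client = new XKMS2Client(
            "https://" + TestUtils.XKMS_WS_HOST + ":" + port + TestUtils.XKMS_WS_CONTEXT_PATH);
    // The key was learned from the same server in the handshake above, so it ties later
    // calls to that server but says nothing about who that server is.
    client.setServicePublicKey(publicKey);

    /*
     * Operate: validate non repudiation
     */
    client.validate(TrustServiceDomains.BELGIAN_EID_NON_REPUDIATION_TRUST_DOMAIN, signCertificateChain);
}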
From source file:org.apache.ftpserver.ssl.Ssl.java
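/**
 * Create a secure socket.
 *
 * <p>The socket is created from the {@code SSLContext} returned by
 * {@code getSSLContext(protocol)}. Its enabled cipher suites are the suites the socket
 * supports, minus those whose names mark them as anonymous ({@code _anon_}), unencrypted
 * ({@code _NULL_}) or export-grade ({@code _EXPORT_}). The supported list may contain suites
 * that the JSSE provider deliberately leaves disabled by default, so enabling it wholesale
 * would let a peer negotiate a session without authentication or without encryption.
 *
 * @param protocol protocol name passed to {@code getSSLContext}
 * @param addr address to connect to
 * @param port port to connect to
 * @param clientMode whether the socket handshakes in client mode
 * @return the configured SSL socket
 * @throws Exception if the context or the socket cannot be created
 */
public Socket createSocket(String protocol, InetAddress addr, int port, boolean clientMode) throws Exception {

    // get socket factory
    SSLContext ctx = getSSLContext(protocol);
    SSLSocketFactory socFactory = ctx.getSocketFactory();

    // create socket
    SSLSocket ssoc = (SSLSocket) socFactory.createSocket(addr, port);
    ssoc.setUseClientMode(clientMode);

    // initialize socket: keep every supported suite except the ones that drop
    // authentication or confidentiality
    String[] supported = ssoc.getSupportedCipherSuites();
    String[] kept = new String[supported.length];
    int keptCount = 0;
    for (int i = 0; i < supported.length; i++) {
        String suite = supported[i];
        boolean anonymous = suite.indexOf("_anon_") >= 0;
        boolean unencrypted = suite.indexOf("_NULL_") >= 0;
        boolean exportGrade = suite.indexOf("_EXPORT_") >= 0;
        if (!anonymous && !unencrypted && !exportGrade) {
            kept[keptCount++] = suite;
        }
    }
    String[] enabled = new String[keptCount];
    System.arraycopy(kept, 0, enabled, 0, keptCount);
    ssoc.setEnabledCipherSuites(enabled);
    return ssoc;
}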
From source file:com.mendhak.gpslogger.common.network.CertificateValidationWorkflow.java
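/**
 * Performs a TLS handshake with {@code host:port}, either over a fresh connection or layered
 * on top of an already connected plain socket, and reads the peer certificate chain.
 *
 * <p>The method returns nothing; its observable result is whether the handshake and the
 * chain access succeed or throw.
 *
 * <p>NOTE(review): the SSL socket is not closed here. A layered socket is created with
 * {@code autoClose=true}, so closing it would also close {@code plainSocket}. Confirm who
 * owns the connection before adding a close.
 *
 * @param plainSocket connected plain socket to layer TLS over, or {@code null} to connect
 *     directly
 * @throws IOException if the connection or the handshake fails
 */
private void connectToSSLSocket(Socket plainSocket) throws IOException {
    SSLSocketFactory factory = Networks.getSocketFactory(context);

    // Open exactly one connection. Always opening a direct socket first would leave it
    // connected and unreferenced as soon as the layered socket replaces it.
    SSLSocket socket;
    if (plainSocket != null) {
        socket = (SSLSocket) factory.createSocket(plainSocket, host, port, true);
    } else {
        socket = (SSLSocket) factory.createSocket(host, port);
    }

    if (serverType == ServerType.SMTP) {
        socket.setUseClientMode(true);
        // NOTE(review): the JSSE documentation describes setNeedClientAuth as useful only
        // for server-mode sockets, so on this client-mode socket it presumably has no effect.
        socket.setNeedClientAuth(true);
    }

    // Bound how long the handshake may block on reads.
    socket.setSoTimeout(5000);
    LOG.debug("Starting handshake...");
    socket.startHandshake();
    SSLSession session = socket.getSession();
    // Called for its failure mode only: it throws when the peer presented no verified chain.
    session.getPeerCertificates();
}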
From source file:au.edu.monash.merc.capture.util.httpclient.ssl.StrictSSLProtocolSocketFactory.java
/** * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) *///from ww w . j ava 2s .c o m public Socket createSocket(String host, int port) throws IOException, UnknownHostException { SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault(); SSLSocket sslSocket = (SSLSocket) sf.createSocket(host, port); verifyHostname(sslSocket); return sslSocket; }
From source file:davmail.util.ClientCertificateTest.java
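/**
 * Manual test: performs a TLS handshake with {@code localhost:443}, offering client
 * certificates from the Windows "MY" key store through {@code DavMailX509KeyManager}.
 *
 * <p>The trust store system properties set here are JVM-wide and are not restored. The
 * context is initialised with {@code null} trust managers, so the JVM default trust managers
 * are used. NOTE(review): those are expected to pick up the {@code javax.net.ssl.trustStore*}
 * properties set below; confirm on the target JRE.
 */
public void testClientSocket() throws NoSuchAlgorithmException, KeyStoreException, IOException,
        CertificateException, KeyManagementException, UnrecoverableKeyException {

    //System.setProperty("javax.net.ssl.trustStoreProvider", "SunMSCAPI");
    //System.setProperty("javax.net.ssl.trustStoreType", "Windows-ROOT");
    System.setProperty("javax.net.ssl.trustStore", "cacerts");
    // "changeit" is the stock password of the JDK cacerts file, not a project secret.
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    System.setProperty("javax.net.ssl.trustStoreType", "JKS");

    String algorithm = KeyManagerFactory.getDefaultAlgorithm();
    if ("SunX509".equals(algorithm)) {
        algorithm = "NewSunX509";
    } else if ("IbmX509".equals(algorithm)) {
        algorithm = "NewIbmX509";
    }

    Provider sunMSCAPI = new sun.security.mscapi.SunMSCAPI();
    //Security.insertProviderAt(sunMSCAPI, 1);
    KeyStore keyStore = KeyStore.getInstance("Windows-MY", sunMSCAPI);

    keyStore.load(null, null);

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm);
    keyManagerFactory.init(keyStore, null);

    // Get a list of key managers
    KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

    // Walk through the key managers and replace all X509 Key Managers with
    // a specialized wrapped DavMail X509 Key Manager
    for (int i = 0; i < keyManagers.length; i++) {
        KeyManager keyManager = keyManagers[i];
        if (keyManager instanceof X509KeyManager) {
            keyManagers[i] = new DavMailX509KeyManager((X509KeyManager) keyManager);
        }
    }

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagers, null, null);
    SSLSocketFactory sockFactory = sslContext.getSocketFactory();
    SSLSocket sslSock = (SSLSocket) sockFactory.createSocket("localhost", 443);
    try {
        sslSock.startHandshake();
    } finally {
        // Release the connection whether or not the handshake succeeds.
        sslSock.close();
    }
}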
From source file:cc.abstra.trantor.security.ssl.OwnSSLProtocolSocketFactory.java
/** * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) */// w w w.j a v a2 s .c o m public Socket createSocket(String host, int port) throws IOException, UnknownHostException { SSLSocketFactory sf = getSSLContext().getSocketFactory(); SSLSocket sslSocket = (SSLSocket) sf.createSocket(host, port); verifyHostname(sslSocket); return sslSocket; }