List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:com.ibm.caas.CaaSResource.java
/** * Pass throughout CERTs [workaround]//from ww w . j a va 2 s . co m */ public void relaxHostChecking() { // Override SSL Trust manager without certificate chains validation TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); // Hostname verification. HostnameVerifier allHostsValid = new HostnameVerifier() { /** * Verify that the host name is an acceptable match with the server's authentication scheme. * @hostname - the host name * @session - SSLSession used on the connection to host * @return true if the host name is acceptable */ public boolean verify(String hostname, SSLSession session) { return true; } }; // Sets the default HostnameVerifier by all-trusting host verifier. HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (KeyManagementException e) { // TODO Auto-generated catch block e.printStackTrace(); } }
From source file:org.dataone.proto.trove.net.SocketFactoryManager.java
public SSLSocketFactory getSSLSocketFactory() throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException, CertificateException, IOException { // our return object log.debug("Enter getSSLSocketFactory"); SSLSocketFactory socketFactory = null; KeyStore keyStore = null;/*from w w w . j av a2 s . c o m*/ // get the keystore that will provide the material // Catch the exception here so that the TLS connection scheme // will still be setup if the client certificate is not found. try { keyStore = getKeyStore(); } catch (FileNotFoundException e) { // these are somewhat expected for anonymous d1 client use log.warn( "Could not set up client side authentication - likely because the certificate could not be located: " + e.getMessage()); } // create SSL context SSLContext ctx = SSLContext.getInstance("TLS"); // use a very liberal trust manager for trusting the server // TODO: check server trust policy X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { log.info("checkClientTrusted - " + string); } public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { log.info("checkServerTrusted - " + string); } public X509Certificate[] getAcceptedIssuers() { log.info("getAcceptedIssuers"); return null; } }; // specify the client key manager KeyManager[] keyManagers = { new X509KeyManagerImpl(keyStore, keyStorePassword.toCharArray(), "cilogon") }; // KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); // keyManagerFactory.init(keyStore, keyStorePassword.toCharArray()); // keyManagers = keyManagerFactory.getKeyManagers(); // initialize the context ctx.init(keyManagers, new TrustManager[] { tm }, new SecureRandom()); socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return socketFactory; }
From source file:org.kontalk.client.ClientHTTPConnection.java
public static SSLSocketFactory setupSSLSocketFactory(Context context, PrivateKey privateKey, X509Certificate certificate, boolean acceptAnyCertificate) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException, UnrecoverableKeyException, NoSuchProviderException { // in-memory keystore KeyManager[] km = null;//from w ww .j av a 2 s.c om if (privateKey != null && certificate != null) { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setKeyEntry("private", privateKey, null, new Certificate[] { certificate }); // key managers KeyManagerFactory kmFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmFactory.init(keystore, null); km = kmFactory.getKeyManagers(); } // trust managers TrustManager[] tm; if (acceptAnyCertificate) { tm = new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; } else { // load merged truststore (system + internal) KeyStore trustStore = InternalTrustStore.getTrustStore(context); // builtin keystore TrustManagerFactory tmFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmFactory.init(trustStore); tm = tmFactory.getTrustManagers(); } SSLContext ctx = SSLContext.getInstance("TLSv1"); ctx.init(km, tm, null); return new TlsOnlySocketFactory(ctx.getSocketFactory(), true); }
From source file:org.apache.hadoop.io.crypto.bee.RestClient.java
private InputStream httpsIgnoreCertificate(final URL url) throws IOException { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; }// w w w . j a va2 s . co m public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); try { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { ; } HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); return urlConnection.getInputStream(); }
From source file:org.bigmouth.nvwa.network.http.HttpClientHelper.java
private static SSLContext getInstance() throws NoSuchAlgorithmException, KeyManagementException { SSLContext ctx = SSLContext.getInstance("SSL"); ctx.init(null, new TrustManager[] { new X509TrustManager() { @Override//from ww w .j a v a 2 s.co m public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } } }, null); return ctx; }
From source file:org.cgiar.ccafs.ap.util.ClientRepository.java
public DefaultHttpClient verifiedClient(HttpClient base) { try {/* w ww . ja v a 2 s . c o m*/ SSLContext ctx = SSLContext.getInstance("SSL"); X509TrustManager tm = new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager mgr = base.getConnectionManager(); SchemeRegistry registry = mgr.getSchemeRegistry(); registry.register(new Scheme("https", 443, ssf)); return new DefaultHttpClient(mgr, base.getParams()); } catch (Exception ex) { ex.printStackTrace(); return null; } }
From source file:org.wso2.carbon.dashboard.migratetool.DSPortalAppMigrationTool.java
private TrustManager[] get_trust_mgr() { TrustManager[] certs = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; }/*from w w w. j av a 2 s .c om*/ public void checkClientTrusted(X509Certificate[] certs, String t) { } public void checkServerTrusted(X509Certificate[] certs, String t) { } } }; return certs; }
From source file:ee.ria.xroad.common.request.ManagementRequestClient.java
private void createCentralHttpClient() throws Exception { log.trace("createCentralHttpClient()"); TrustManager tm = new X509TrustManager() { @Override/* w w w. j av a 2s . c om*/ public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { if (chain.length == 0) { throw new CertificateException("Central server did not send TLS certificate"); } X509Certificate centralServerSslCert = null; try { centralServerSslCert = GlobalConf.getCentralServerSslCertificate(); } catch (Exception e) { throw new CertificateException("Could not get central server TLS certificate from global conf", e); } if (centralServerSslCert == null) { throw new CertificateException("Central server TLS certificate is not in global conf"); } if (!centralServerSslCert.equals(chain[0])) { throw new CertificateException("Central server TLS certificate does not match in global conf"); } } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; centralHttpClient = createHttpClient(null, tm); }
From source file:iristk.speech.nuancecloud.JSpeexNuanceCloudRecognizerListener.java
@SuppressWarnings("deprecation") private HttpClient getHttpClient() throws NoSuchAlgorithmException, KeyManagementException { // Standard HTTP parameters HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, "UTF-8"); HttpProtocolParams.setUseExpectContinue(params, false); // Initialize the HTTP client httpclient = new DefaultHttpClient(params); // Initialize/setup SSL TrustManager easyTrustManager = new X509TrustManager() { @Override//from w ww . j av a 2s . c om public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { // TODO Auto-generated method stub } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { // TODO Auto-generated method stub } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { // TODO Auto-generated method stub return null; } }; SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { easyTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslcontext); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme sch = new Scheme("https", sf, 443); httpclient.getConnectionManager().getSchemeRegistry().register(sch); // Return the initialized instance of our httpclient return httpclient; }
From source file:org.wso2.bam.integration.tests.reciever.RESTAPITestCase.java
@BeforeClass(groups = { "wso2.bam" })
private static void init() {
DATA_RECEIVER = "/datareceiver/1.0.0";
// host = FrameworkSettings.HOST_NAME;
// httpsPort = Integer.parseInt(FrameworkSettings.HTTPS_PORT);
restAppParentURL = "https://" + host + ":" + httpsPort + DATA_RECEIVER;
streamsURL = restAppParentURL + "/streams";
streamURL = restAppParentURL + "/stream";
stockQuoteVersion1URL = streamURL + "/stockquote.stream/1.0.2/";
stockQuoteVersion2URL = streamURL + "/stockquote.stream.2/2.0.0";
stockQuoteVersion3URL = streamURL + "/labit.stream/0.0.3";
stockQuoteVersion4URL = streamURL + "/eu.ima.event.stream/1.2.0";
stockQuoteVersion5URL = streamURL + "/eu.ima.event.stream.2/1.3.0";
try {/*from w ww .j av a 2s.c o m*/
events1 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/events1.json"));
events2 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/events2.json"));
events3 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/events3.json"));
events4 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/events4.json"));
events5 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/events5.json"));
streamdefn1 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/streamdefn1.json"));
streamdefn2 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/streamdefn2.json"));
streamdefn3 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/streamdefn3.json"));
streamdefn4 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/streamdefn4.json"));
streamdefn5 = IOUtils
.toString(RESTAPITestCase.class.getClassLoader().getResourceAsStream("rest/streamdefn5.json"));
TrustManager easyTrustManager = new X509TrustManager() {
public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
};
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[] { easyTrustManager }, null);
SSLSocketFactory sf = new SSLSocketFactory(sslContext);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme httpsScheme = new Scheme("https", sf, httpsPort);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, "utf-8");
params.setBooleanParameter("http.protocol.expect-continue", false);
client = new DefaultHttpClient(params);
client.getConnectionManager().getSchemeRegistry().register(httpsScheme);
} catch (Exception e) {
e.printStackTrace();
fail();
}
}