List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:iristk.speech.nuancecloud.NuanceCloudSynthesizer.java
private HttpClient getHttpClient() throws NoSuchAlgorithmException, KeyManagementException { // Standard HTTP parameters HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, "UTF-8"); HttpProtocolParams.setUseExpectContinue(params, false); // Initialize the HTTP client httpclient = new DefaultHttpClient(params); // Initialize/setup SSL TrustManager easyTrustManager = new X509TrustManager() { @Override//ww w . ja va 2 s. c om public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { // TODO Auto-generated method stub } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { // TODO Auto-generated method stub } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { // TODO Auto-generated method stub return null; } }; SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { easyTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslcontext); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme sch = new Scheme("https", sf, PORT); // PORT = 443 httpclient.getConnectionManager().getSchemeRegistry().register(sch); // Return the initialized instance of our httpclient return httpclient; }
From source file:com.sonatype.nexus.ssl.plugin.internal.TrustStoreImpl.java
private static TrustManager[] getTrustManagers(final KeyStoreManager keyStoreManager) throws Exception { final X509TrustManager managedTrustManager = getManagedTrustManager(checkNotNull(keyStoreManager)); final TrustManager[] systemTrustManagers = getSystemTrustManagers(); if (systemTrustManagers != null && managedTrustManager != null) { final TrustManager[] trustManagers = new TrustManager[systemTrustManagers.length]; for (int i = 0; i < systemTrustManagers.length; i++) { final TrustManager tm = trustManagers[i] = systemTrustManagers[i]; if (tm instanceof X509TrustManager) { trustManagers[i] = new X509TrustManager() { @Override/*ww w .j a v a2 s .com*/ public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { ((X509TrustManager) tm).checkClientTrusted(chain, authType); } @Override public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { try { ((X509TrustManager) tm).checkServerTrusted(chain, authType); } catch (CertificateException e) { try { managedTrustManager.checkServerTrusted(chain, authType); } catch (CertificateException ignore) { throw e; } } } @Override public X509Certificate[] getAcceptedIssuers() { return ((X509TrustManager) tm).getAcceptedIssuers(); } }; } } return trustManagers; } return null; }
From source file:mendhak.teamcity.stash.api.StashClient.java
private HttpURLConnection GetConnection(String targetURL) throws IOException, NoSuchAlgorithmException, KeyManagementException { URL url = new URL(targetURL); if (targetURL.startsWith("http://")) { return (HttpURLConnection) url.openConnection(); }/* ww w .j av a 2s . co m*/ //Create an all trusting SSL URL Connection //For in-house Stash servers with self-signed certs // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); return (HttpsURLConnection) url.openConnection(); }
From source file:io.reappt.adapters.kafka.KafkaAdapter.java
private Session createSession(String url, String reapptUser, String reapptPassword) throws KeyManagementException, NoSuchAlgorithmException { // For the purpose of the test we accept every certificate. TrustManager trustManager = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }/*from www . j a va 2s. c o m*/ public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }; final SSLContext context = SSLContext.getInstance("TLSv1"); context.init(null, new TrustManager[] { trustManager }, null); return Diffusion.sessions().connectionTimeout(10000).errorHandler(new Session.ErrorHandler.Default()) .principal(reapptUser).password(reapptPassword).reconnectionTimeout(5000).sslContext(context) .open(url); }
From source file:edu.washington.iam.tools.IamConnectionManager.java
protected void initManagers() { // trust managers /**/*from ww w . j a v a 2 s .c om*/ try { TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); X509Certificate cert = null; if (caFilename!=null) cert = readCertificate(caFilename); log.debug("init trust mgr " + cert); trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); trustStore.setCertificateEntry("CACERT", cert); tmf.init(trustStore); trustManagers = tmf.getTrustManagers(); } catch (Exception e) { log.error("cacert error: " + e); } **/ trustManagers = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { return; } public void checkServerTrusted(X509Certificate[] certs, String authType) { return; } } }; // key managers if (certFilename != null && keyFilename != null) { try { KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, null); X509Certificate cert = readCertificate(certFilename); PKCS1 pkcs = new PKCS1(); PrivateKey key = pkcs.readKey(keyFilename); X509Certificate[] chain = new X509Certificate[1]; chain[0] = cert; keyStore.setKeyEntry("CERT", (Key) key, "pw".toCharArray(), chain); kmf.init(keyStore, "pw".toCharArray()); keyManagers = kmf.getKeyManagers(); } catch (Exception e) { log.error("cert/key error: " + e); } } }
From source file:it.serverSystem.HttpsTest.java
private void connectUntrusted() throws Exception { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; }// www.j a v a2 s . c o m public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager // SSLv3 is disabled since SQ 4.5.2 : https://jira.codehaus.org/browse/SONAR-5860 SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); SSLSocketFactory untrustedSocketFactory = sc.getSocketFactory(); // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; URL url = new URL("https://localhost:" + httpsPort + "/sessions/login"); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setAllowUserInteraction(true); connection.setSSLSocketFactory(untrustedSocketFactory); connection.setHostnameVerifier(allHostsValid); InputStream input = connection.getInputStream(); checkCookieFlags(connection); try { String html = IOUtils.toString(input); assertThat(html).contains("<body"); } finally { IOUtils.closeQuietly(input); } }
From source file:jp.primecloud.auto.sdk.Requester.java
protected HttpURLConnection createConnection(String url, PccOptions options) throws IOException, GeneralSecurityException { HttpURLConnection connection = (HttpURLConnection) new URL(url).openConnection(); connection.setRequestMethod("GET"); if (options != null) { // HTTPS? if (connection instanceof HttpsURLConnection && Boolean.TRUE.equals(options.getIgnoreCerts())) { HttpsURLConnection connection2 = (HttpsURLConnection) connection; // ?/*from w w w.j a v a2 s . c om*/ X509TrustManager trustManager = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }; SSLContext sslcontext = SSLContext.getInstance("SSL"); sslcontext.init(null, new TrustManager[] { trustManager }, null); connection2.setSSLSocketFactory(sslcontext.getSocketFactory()); // ??? connection2.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); } } return connection; }
From source file:com.google.appengine.tck.endpoints.support.EndPointClient.java
/** * This ssl socket factory ignores validation. * * @return ssl socket factory//from w w w . ja v a 2 s .co m */ protected SchemeSocketFactory getSslFactory() { try { TrustManager trm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, new TrustManager[] { trm }, null); X509HostnameVerifier hostnameVerifier = new X509HostnameVerifier() { public void verify(String host, SSLSocket ssl) throws IOException { } public void verify(String host, X509Certificate cert) throws SSLException { } public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { } public boolean verify(String s, SSLSession sslSession) { return true; } }; return new SSLSocketFactory(sc, hostnameVerifier); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:edu.internet2.middleware.shibboleth.common.config.metadata.HTTPMetadataProviderBeanDefinitionParser.java
/** * Builds a {@link javax.net.ssl.X509TrustManager} which bypasses all X.509 validation steps. * /*from w ww .ja va2 s. c o m*/ * @return the trustless trust manager */ protected X509TrustManager buildNoTrustTrustManager() { X509TrustManager noTrustManager = new X509TrustManager() { /** {@inheritDoc} */ public void checkClientTrusted(X509Certificate[] certs, String auth) { } /** {@inheritDoc} */ public void checkServerTrusted(X509Certificate[] certs, String auth) { } /** {@inheritDoc} */ public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[] {}; } }; return noTrustManager; }
From source file:com.axibase.tsd.client.HttpClient.java
private static void ignoreSslCertificateErrorInit(SSLContext sslContext) { try {//from w w w . j a v a 2 s. c om sslContext.init(null, new TrustManager[] { new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } } }, new SecureRandom()); } catch (KeyManagementException e) { log.warn("SSL context initialization error: ", e); } }