List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:edu.mayo.cts2.framework.core.client.Cts2RestClient.java
/** * Enable trust for a self signed ssl./*from w ww.ja va 2 s . c o m*/ */ protected void trustSelfSignedSSL() { try { SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); SSLContext.setDefault(ctx); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:org.bedework.util.http.BasicHttpClient.java
/** Allow testing of features when we don't have any valid certs. * * @return socket factory.//from w w w . j a va2 s. c o m */ public static SSLSocketFactory getSslSocketFactory() { if (!sslDisabled) { return SSLSocketFactory.getSocketFactory(); } try { final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {}; final SSLContext ctx = SSLContext.getInstance("TLS"); final X509TrustManager tm = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return _AcceptedIssuers; } @Override public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { } @Override public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { } }; ctx.init(null, new TrustManager[] { tm }, new SecureRandom()); return new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); } catch (final Throwable t) { throw new RuntimeException(t); } }
From source file:org.jboss.pnc.auth.keycloakutil.util.HttpUtil.java
public static HttpClient getHttpClient() { if (httpClient == null) { HttpClientBuilder clientBuilder = HttpClientBuilder.create().useSystemProperties(); if (sslRequired) { if (sslsf != null) { clientBuilder.setSSLSocketFactory(sslsf); }// www . j av a 2 s . c o m } else { SSLContext sslContext; try { sslContext = SSLContext.getInstance("SSL"); // set up a TrustManager that trusts everything sslContext.init(null, new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }, new SecureRandom()); } catch (NoSuchAlgorithmException ex) { throw new AuthenticationException("Cannot get SSLContext instance for \"SSL\" protocol.", ex); } catch (KeyManagementException ex) { throw new AuthenticationException("SSLContext initialization failed.", ex); } clientBuilder.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).setSSLContext(sslContext); } httpClient = clientBuilder.build(); } return httpClient; }
From source file:com.marklogic.client.functionaltest.TestSSLConnection.java
@Test public void testSSLConnectionInvalidPort() throws IOException, NoSuchAlgorithmException, KeyManagementException { System.out.println("Running testSSLConnectionInvalidPort"); String filename = "facebook-10443244874876159931"; // create a trust manager // (note: a real application should verify certificates) TrustManager naiveTrustMgr = new X509TrustManager() { @Override//from ww w.ja v a 2 s.c o m public void checkClientTrusted(X509Certificate[] chain, String authType) { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }; // create an SSL context SSLContext sslContext = SSLContext.getInstance("SSLv3"); sslContext.init(null, new TrustManager[] { naiveTrustMgr }, null); // create the client // (note: a real application should use a COMMON, STRICT, or implemented hostname verifier) DatabaseClient client = DatabaseClientFactory.newClient("localhost", 8033, "rest-admin", "x", Authentication.DIGEST, sslContext, SSLHostnameVerifier.ANY); String expectedException = "com.sun.jersey.api.client.ClientHandlerException: org.apache.http.conn.HttpHostConnectException: Connection to https://localhost:8033 refused"; String exception = ""; // write doc try { writeDocumentUsingStringHandle(client, filename, "/write-text-doc/", "Text"); } catch (Exception e) { exception = e.toString(); } assertEquals("Exception is not thrown", expectedException, exception); // release client client.release(); }
From source file:org.moe.cli.utils.GrabUtils.java
/** * Download file from remote/*from w w w . ja v a 2 s . co m*/ * @param link address of remote file * @param output symbolic link to the local file system where the downloaded file will be stored * @throws FileAlreadyExistsException if output file has already exists * @throws FileNotFoundException if link isn't present * @throws UnsupportedTypeException if URI links to file with unsupported type * @throws IOException if operation couldn't be successfully completed because of other reasons */ public static void downloadFileFromRemote(@NonNull URI link, @NonNull File output) throws FileAlreadyExistsException, FileNotFoundException, UnsupportedTypeException, IOException { if (output.exists()) { throw new FileAlreadyExistsException(output.toString() + " already exists!"); } String scheme = link.getScheme(); if (scheme == null) { throw new UnsupportedTypeException("Scheme should not be null!"); } else if (scheme.equals("https")) { // Create a new trust manager that trust all certificates TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Activate the new trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { throw new IOException(e); } } URL url = link.normalize().toURL(); FileUtils.copyURLToFile(url, output); //TODO: Timeout?... }
From source file:com.adguard.compiler.Main.java
/** * Disable SSL validation (it may work wrong sometimes) * * @throws NoSuchAlgorithmException//from w w w . j a v a2s . c o m * @throws KeyManagementException */ private static void disableSslValidation() throws NoSuchAlgorithmException, KeyManagementException { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); // Create all-trusting host name verifier HostnameVerifier allHostsValid = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; // Install the all-trusting host verifier HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); }
From source file:co.cask.cdap.security.tools.AccessTokenClient.java
protected DefaultHttpClient getHTTPClient() throws Exception { SSLContext sslContext = SSLContext.getInstance("SSL"); // set up a TrustManager that trusts everything sslContext.init(null, new TrustManager[] { new X509TrustManager() { @Override//from ww w . j a v a 2 s .c o m public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException { // } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException { // } } }, new SecureRandom()); SSLSocketFactory sf = new SSLSocketFactory(sslContext); Scheme httpsScheme = new Scheme("https", 10101, sf); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(httpsScheme); // apache HttpClient version >4.2 should use BasicClientConnectionManager ClientConnectionManager cm = new BasicClientConnectionManager(schemeRegistry); return new DefaultHttpClient(cm); }
From source file:org.wso2.carbon.identity.sts.passive.ui.PassiveSTS.java
private void openURLWithNoTrust(String realm) throws IOException { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override/*from w ww . j av a 2 s .c o m*/ public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } @Override public void checkClientTrusted(X509Certificate[] certs, String authType) { // Nothing to implement } @Override public void checkServerTrusted(X509Certificate[] certs, String authType) { // Nothing to implement } } }; // Ignore differences between given hostname and certificate hostname HostnameVerifier hv = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }; // Install the all-trusting trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new SecureRandom()); SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory(); HostnameVerifier defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier(); String renegotiation = System.getProperty("sun.security.ssl.allowUnsafeRenegotiation"); try { HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(hv); System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true"); new URL(realm).getContent(); } finally { HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory); HttpsURLConnection.setDefaultHostnameVerifier(defaultHostnameVerifier); System.getProperty("sun.security.ssl.allowUnsafeRenegotiation", renegotiation); } } catch (Exception ignore) { if (log.isDebugEnabled()) { log.debug("Error while installing trust manager", ignore); } } }
From source file:com.itude.mobile.mobbl.core.services.datamanager.handlers.MBRESTServiceDataHandler.java
private void allowAnyCertificate(HttpClient httpClient) throws KeyManagementException, NoSuchAlgorithmException { SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { @Override//from w ww. j a v a 2 s. co m public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = httpClient.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); }