List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:com.dh.perfectoffer.event.framework.net.network.NetworkConnectionImpl.java
private static SSLSocketFactory getAllHostsValidSocketFactory() throws NoSuchAlgorithmException, KeyManagementException { if (sAllHostsValidSocketFactory == null) { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; }/* w ww . jav a 2s. c o m*/ public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); sAllHostsValidSocketFactory = sc.getSocketFactory(); } return sAllHostsValidSocketFactory; }
From source file:com.dh.superxz_bottom.framework.net.network.NetworkConnectionImpl.java
private static SSLSocketFactory getAllHostsValidSocketFactory() throws NoSuchAlgorithmException, KeyManagementException { if (sAllHostsValidSocketFactory == null) { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }/* w w w.j av a2 s.c o m*/ public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); sAllHostsValidSocketFactory = sc.getSocketFactory(); } return sAllHostsValidSocketFactory; }
From source file:org.fedoraproject.eclipse.packager.api.UploadSourceCommand.java
/** * Wrap a basic HttpClient object in an all trusting SSL enabled * HttpClient object.// w w w .ja v a2 s.com * * @param base The HttpClient to wrap. * @return The SSL wrapped HttpClient. * @throws GeneralSecurityException * @throws IOException */ private HttpClient trustAllSslEnable(HttpClient base) throws GeneralSecurityException { // Get an initialized SSL context // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; // set up the all-trusting trust manager SSLContext sc = SSLContext.getInstance("SSL"); //$NON-NLS-1$ sc.init(null, trustAllCerts, new java.security.SecureRandom()); SSLSocketFactory sf = new SSLSocketFactory(sc, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); Scheme https = new Scheme("https", 443, sf); //$NON-NLS-1$ sr.register(https); return new DefaultHttpClient(ccm, base.getParams()); }
From source file:org.opensaml.util.http.HttpClientBuilder.java
/** * Creates the default scheme registry for connection. The constructed registry supports http with a default port of * 80 and https with a default port of 443. If {@link #connectionDisregardSslCertificate} is true, than the https * port will accept any certificate presented by the responder. * /*from w ww . j a v a2 s. c om*/ * @return the default scheme registry. */ private SchemeRegistry buildSchemeRegistry() { final SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); final SSLSocketFactory sslSF; if (!connectionDisregardSslCertificate) { sslSF = SSLSocketFactory.getSocketFactory(); } else { X509TrustManager noTrustManager = new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // accept everything } public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { // accept everything } }; try { SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { noTrustManager }, null); sslSF = new SSLSocketFactory(sslcontext); } catch (NoSuchAlgorithmException e) { throw new RuntimeException("TLS SSLContext type is required to be supported by the JVM but is not", e); } catch (KeyManagementException e) { throw new RuntimeException("Some how the trust everything trust manager didn't trust everything", e); } } registry.register(new Scheme("https", 443, sslSF)); return registry; }
From source file:org.hyperic.hq.hqapi1.HQConnection.java
private void configureSSL(HttpClient client) throws IOException { final String keyStorePath = System.getProperty("javax.net.ssl.keyStore"); final String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword"); final boolean validateSSLCertificates = StringUtils.hasText(keyStorePath) && StringUtils.hasText(keyStorePassword); X509TrustManager customTrustManager = null; KeyManager[] keyManagers = null; try {//from www . j a v a2 s . co m if (validateSSLCertificates) { // Use specified key store and perform SSL validation... KeyStore keystore = getKeyStore(keyStorePath, keyStorePassword); KeyManagerFactory keyManagerFactory = getKeyManagerFactory(keystore, keyStorePassword); TrustManagerFactory trustManagerFactory = getTrustManagerFactory(keystore); keyManagers = keyManagerFactory.getKeyManagers(); customTrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0]; } else { // Revert to previous functionality and ignore SSL certs... customTrustManager = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) { } public void checkServerTrusted(X509Certificate[] chain, String authType) { } //required for jdk 1.3/jsse 1.0.3_01 public boolean isClientTrusted(X509Certificate[] chain) { return true; } //required for jdk 1.3/jsse 1.0.3_01 public boolean isServerTrusted(X509Certificate[] chain) { return true; } public X509Certificate[] getAcceptedIssuers() { return null; } }; } SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagers, new TrustManager[] { customTrustManager }, new SecureRandom()); // XXX Should we use ALLOW_ALL_HOSTNAME_VERIFIER (least restrictive) or // BROWSER_COMPATIBLE_HOSTNAME_VERIFIER (moderate restrictive) or // STRICT_HOSTNAME_VERIFIER (most restrictive)??? // For now allow all, and make it configurable later... X509HostnameVerifier hostnameVerifier = null; if (validateSSLCertificates) { hostnameVerifier = new AllowAllHostnameVerifier(); } else { hostnameVerifier = new X509HostnameVerifier() { private AllowAllHostnameVerifier internalVerifier = new AllowAllHostnameVerifier(); public boolean verify(String host, SSLSession session) { return internalVerifier.verify(host, session); } public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { internalVerifier.verify(host, cns, subjectAlts); } public void verify(String host, X509Certificate cert) throws SSLException { internalVerifier.verify(host, cert); } public void verify(String host, SSLSocket ssl) throws IOException { try { internalVerifier.verify(host, ssl); } catch (SSLPeerUnverifiedException e) { // ignore } } }; } client.getConnectionManager().getSchemeRegistry() .register(new Scheme("https", 443, new SSLSocketFactory(sslContext, hostnameVerifier))); } catch (Exception e) { throw new IOException(e); } }
From source file:org.broad.igv.util.HttpUtils.java
/** * Code for disabling SSL certification// w w w. j a v a 2 s . com */ private void disableCertificateValidation() { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[0]; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (NoSuchAlgorithmException e) { } catch (KeyManagementException e) { } }
From source file:org.sipfoundry.openfire.vcard.provider.RestInterface.java
public static String getPngStringTimeout(String urlStr) { try {//w w w. j a v a 2 s .c o m URL url = new URL(urlStr); HttpURLConnection conn = (HttpURLConnection) url.openConnection(); if (url.getProtocol().equalsIgnoreCase("https")) { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); ((HttpsURLConnection) conn).setSSLSocketFactory(sc.getSocketFactory()); } conn.setConnectTimeout(CONNECTION_TIMEOUT); conn.setReadTimeout(READ_TIMEOUT); conn.setRequestMethod("GET"); conn.connect(); ByteArrayOutputStream os = new ByteArrayOutputStream(); BufferedImage image = ImageIO.read(conn.getInputStream()); ImageIO.write(image, "png", os); return new String(new Base64().encode(os.toByteArray())); } catch (MalformedURLException e) { logger.error("In getPngStringTimeout, MalformedURLException:" + e.getMessage()); return null; } catch (IOException e) { logger.error("In getPngStringTimeout, IOException:" + e.getMessage()); return null; } catch (Exception e) { logger.error("In getPngStringTimeout, Exception:" + e.getMessage()); return null; } }
From source file:jetbrains.buildServer.vmgr.agent.Utils.java
private static SSLSocketFactory getSocketFactory() throws NoSuchAlgorithmException, KeyManagementException { SSLContext sslContext = SSLContext.getInstance("TLS"); TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }//from ww w.jav a 2 s .co m public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[] { tm }, null); return sslContext.getSocketFactory(); }
From source file:org.sharegov.cirm.StartUp.java
public static void disableCertificateValidation() { // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }//from ww w . j av a 2s . c om public void checkClientTrusted(X509Certificate[] certs, String authType) { // System.out.println("Check client trusted"); } public void checkServerTrusted(X509Certificate[] certs, String authType) { // System.out.println("Check server trusted"); } } }; // Ignore differences between given hostname and certificate hostname HostnameVerifier hv = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { // TODO Auto-generated method stub return true; } }; // Install the all-trusting trust manager try { // SSLContext sc = SSLContext.getInstance("SSL"); // sc.init(null, trustAllCerts, new SecureRandom()); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(new KeyManager[0], trustAllCerts, new SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(hv); // see:http://stackoverflow.com/questions/1828775/how-to-handle-invalid-ssl-certificates-with-apache-httpclient // see:https://code.google.com/p/jsslutils/wiki/ApacheHttpClientUsage org.apache.commons.httpclient.protocol.Protocol.registerProtocol("https", new org.apache.commons.httpclient.protocol.Protocol("https", (ProtocolSocketFactory) new SslContextedSecureProtocolSocketFactory(ctx, false), 443)); SSLContext.setDefault(ctx); } catch (Exception e) { } }
From source file:com.gs.tools.doc.extractor.core.util.HttpUtility.java
public DefaultSecureSocketFactory(KeyStore trustStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(trustStore); TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }/* w w w . ja v a 2s .c o m*/ public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[] { tm }, null); }