List of usage examples for org.apache.http.conn.ssl NoopHostnameVerifier NoopHostnameVerifier
NoopHostnameVerifier
From source file:org.openbaton.sdk.api.util.RestRequest.java
private CloseableHttpClient getHttpClientForSsl() { SSLContext sslContext = null; try {/* ww w .jav a 2s . c o m*/ sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build(); } catch (NoSuchAlgorithmException e) { log.error("Could not initialize the HttpClient for SSL connections"); log.error(e.getMessage(), e); } catch (KeyManagementException e) { log.error("Could not initialize the HttpClient for SSL connections"); log.error(e.getMessage(), e); } catch (KeyStoreException e) { log.error("Could not initialize the HttpClient for SSL connections"); log.error(e.getMessage(), e); } // necessary to trust self signed certificates SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, new NoopHostnameVerifier()); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("https", sslConnectionSocketFactory).build(); return HttpClientBuilder.create().setDefaultRequestConfig(config) .setConnectionManager(new PoolingHttpClientConnectionManager(socketFactoryRegistry)) .setSSLSocketFactory(sslConnectionSocketFactory).build(); }
From source file:org.openbaton.marketplace.core.VNFPackageManagement.java
private CloseableHttpClient getHttpClientForSsl(RequestConfig config) { SSLContext sslContext = null; try {/* w w w. ja v a 2 s. c o m*/ sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build(); } catch (NoSuchAlgorithmException e) { log.error("Could not initialize the HttpClient for SSL connections"); log.error(e.getMessage(), e); } catch (KeyManagementException e) { log.error("Could not initialize the HttpClient for SSL connections"); log.error(e.getMessage(), e); } catch (KeyStoreException e) { log.error("Could not initialize the HttpClient for SSL connections"); log.error(e.getMessage(), e); } // necessary to trust self signed certificates SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, new NoopHostnameVerifier()); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("https", sslConnectionSocketFactory).build(); return HttpClientBuilder.create().setDefaultRequestConfig(config) .setConnectionManager(new PoolingHttpClientConnectionManager(socketFactoryRegistry)) .setSSLSocketFactory(sslConnectionSocketFactory).build(); }
From source file:net.yacy.cora.protocol.http.HTTPClient.java
private static SSLConnectionSocketFactory getSSLSocketFactory() { final TrustManager trustManager = new X509TrustManager() { @Override// w w w . j a v a 2 s. co m public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { } @Override public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; SSLContext sslContext = null; try { sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] { trustManager }, null); } catch (final NoSuchAlgorithmException e) { // should not happen // e.printStackTrace(); } catch (final KeyManagementException e) { // should not happen // e.printStackTrace(); } final SSLConnectionSocketFactory sslSF = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier()); return sslSF; }
From source file:org.apache.gobblin.elasticsearch.writer.ElasticsearchRestWriter.java
private static RestClient buildRestClient(List<InetSocketTransportAddress> hosts, int threadCount, boolean sslEnabled, String keyStoreType, String keyStoreFilePassword, String identityFilepath, String trustStoreType, String trustStoreFilePassword, String cacertsFilepath) throws Exception { HttpHost[] httpHosts = new HttpHost[hosts.size()]; String scheme = sslEnabled ? "https" : "http"; for (int h = 0; h < httpHosts.length; h++) { InetSocketTransportAddress host = hosts.get(h); httpHosts[h] = new HttpHost(host.getAddress(), host.getPort(), scheme); }// ww w .j a v a 2s.c om RestClientBuilder builder = RestClient.builder(httpHosts); if (sslEnabled) { log.info("ssl configuration: trustStoreType = {}, cacertsFilePath = {}", trustStoreType, cacertsFilepath); KeyStore truststore = KeyStore.getInstance(trustStoreType); FileInputStream trustInputStream = new FileInputStream(cacertsFilepath); try { truststore.load(trustInputStream, trustStoreFilePassword.toCharArray()); } finally { trustInputStream.close(); } SSLContextBuilder sslBuilder = SSLContexts.custom().loadTrustMaterial(truststore, null); log.info("ssl key configuration: keyStoreType = {}, keyFilePath = {}", keyStoreType, identityFilepath); KeyStore keystore = KeyStore.getInstance(keyStoreType); FileInputStream keyInputStream = new FileInputStream(identityFilepath); try { keystore.load(keyInputStream, keyStoreFilePassword.toCharArray()); } finally { keyInputStream.close(); } sslBuilder.loadKeyMaterial(keystore, keyStoreFilePassword.toCharArray()); final SSLContext sslContext = sslBuilder.build(); builder = builder.setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder // Set ssl context .setSSLContext(sslContext).setSSLHostnameVerifier(new NoopHostnameVerifier()) // Configure number of threads for clients .setDefaultIOReactorConfig(IOReactorConfig.custom().setIoThreadCount(threadCount).build())); } else { builder = builder.setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder // Configure number of threads for clients .setDefaultIOReactorConfig(IOReactorConfig.custom().setIoThreadCount(threadCount).build())); } // Configure timeouts builder.setRequestConfigCallback( requestConfigBuilder -> requestConfigBuilder.setConnectionRequestTimeout(0)); // Important, otherwise the client has spurious timeouts return builder.build(); }
From source file:org.openhab.binding.fritzboxtr064.internal.Tr064Comm.java
/** * Creates an Apache HTTP Client object, ignoring SSL Exceptions like self signed * certificates, and sets Auth. Scheme to Digest Auth. * * @param fboxUrl// w w w . j a v a2s .co m * the URL from config file of fbox to connect to * @return the ready-to-use httpclient for tr064 requests */ private synchronized CloseableHttpClient createTr064HttpClient(String fboxUrl) { CloseableHttpClient hc = null; // Convert URL String from config in easy explotable URI object URIBuilder uriFbox = null; try { uriFbox = new URIBuilder(fboxUrl); } catch (URISyntaxException e) { logger.error("Invalid FritzBox URL! {}", e.getMessage()); return null; } // Create context of the http client _httpClientContext = HttpClientContext.create(); CookieStore cookieStore = new BasicCookieStore(); _httpClientContext.setCookieStore(cookieStore); // SETUP AUTH // Auth is specific for this target HttpHost target = new HttpHost(uriFbox.getHost(), uriFbox.getPort(), uriFbox.getScheme()); // Add digest authentication with username/pw from global config CredentialsProvider credp = new BasicCredentialsProvider(); credp.setCredentials(new AuthScope(target.getHostName(), target.getPort()), new UsernamePasswordCredentials(_user, _pw)); // Create AuthCache instance. Manages authentication based on server response AuthCache authCache = new BasicAuthCache(); // Generate DIGEST scheme object, initialize it and add it to the local auth // cache. Digeste is standard for fbox auth SOAP DigestScheme digestAuth = new DigestScheme(); digestAuth.overrideParamter("realm", "HTTPS Access"); // known from fbox specification digestAuth.overrideParamter("nonce", ""); // never known at first request authCache.put(target, digestAuth); // Add AuthCache to the execution context _httpClientContext.setAuthCache(authCache); // SETUP SSL TRUST SSLContextBuilder sslContextBuilder = new SSLContextBuilder(); SSLConnectionSocketFactory sslsf = null; try { sslContextBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); // accept self signed certs // dont verify hostname against cert CN sslsf = new SSLConnectionSocketFactory(sslContextBuilder.build(), null, null, new NoopHostnameVerifier()); } catch (Exception ex) { logger.error(ex.getMessage()); } // Set timeout values RequestConfig rc = RequestConfig.copy(RequestConfig.DEFAULT).setSocketTimeout(4000).setConnectTimeout(4000) .setConnectionRequestTimeout(4000).build(); // BUILDER // setup builder with parameters defined before hc = HttpClientBuilder.create().setSSLSocketFactory(sslsf) // set the SSL options which trust every self signed // cert .setDefaultCredentialsProvider(credp) // set auth options using digest .setDefaultRequestConfig(rc) // set the request config specifying timeout .build(); return hc; }