Example usage for org.apache.http.conn.ssl SSLConnectionSocketFactory BROWSER_COMPATIBLE_HOSTNAME_VERIFIER

List of usage examples for org.apache.http.conn.ssl SSLConnectionSocketFactory BROWSER_COMPATIBLE_HOSTNAME_VERIFIER

  1. HOME
  2. Java
  3. org.apache.http
  4. org.apache.http.conn.ssl.*
  5. SSLConnectionSocketFactory
  6. BROWSER_COMPATIBLE_HOSTNAME_VERIFIER

Introduction

In this page you can find the example usage for org.apache.http.conn.ssl SSLConnectionSocketFactory BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.

Prototype

X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER

To view the source code for org.apache.http.conn.ssl SSLConnectionSocketFactory BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.

Click Source Link

Usage

From source file:org.apache.maven.wagon.providers.http.AbstractHttpClientWagonFixed.java

@SuppressWarnings("checkstyle:linelength")
private static PoolingHttpClientConnectionManager createConnManager() {

    String sslProtocolsStr = System.getProperty("https.protocols");
    String cipherSuitesStr = System.getProperty("https.cipherSuites");
    String[] sslProtocols = sslProtocolsStr != null ? sslProtocolsStr.split(" *, *") : null;
    String[] cipherSuites = cipherSuitesStr != null ? cipherSuitesStr.split(" *, *") : null;

    SSLConnectionSocketFactory sslConnectionSocketFactory;
    if (SSL_INSECURE) {
        try {/* w  ww  .j av  a 2 s  .  c o m*/
            SSLContext sslContext = new SSLContextBuilder().useSSL()
                    .loadTrustMaterial(null, new RelaxedTrustStrategy(IGNORE_SSL_VALIDITY_DATES)).build();
            sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, sslProtocols, cipherSuites,
                    SSL_ALLOW_ALL ? SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
                            : SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
        } catch (Exception ex) {
            throw new SSLInitializationException(ex.getMessage(), ex);
        }
    } else {
        sslConnectionSocketFactory = new SSLConnectionSocketFactory(
                HttpsURLConnection.getDefaultSSLSocketFactory(), sslProtocols, cipherSuites,
                SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
    }

    Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.INSTANCE)
            .register("https", sslConnectionSocketFactory).build();

    PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(registry);
    if (persistentPool) {
        connManager.setDefaultMaxPerRoute(MAX_CONN_PER_ROUTE);
        connManager.setMaxTotal(MAX_CONN_TOTAL);
    } else {
        connManager.setMaxTotal(1);
    }
    return connManager;
}

From source file:br.com.intercomex.ws.GnreResultadoLote.java

@WebMethod(operationName = "consultarSimples")
public String consultarSimples(@WebParam(name = "nrRecibo") String nrRecibo) {
    String resultado = null;//from   www.j av  a  2  s  .c o  m
    TResultLoteGNRE retorno = null;
    loadConfig();
    try {
        //<TConsLote_GNRE xmlns="http://www.gnre.pe.gov.br"><ambiente>1</ambiente><numeroRecibo>2012314940</numeroRecibo></TConsLote_GNRE>
        String XML_DATA = "<soap:Envelope xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\" xmlns:gnr=\"http://www.gnre.pe.gov.br/webservice/GnreResultadoLote\">"
                + "<soap:Header><gnr:gnreCabecMsg><gnr:versaoDados>1.00</gnr:versaoDados></gnr:gnreCabecMsg></soap:Header>"
                + " <soap:Body><gnr:gnreDadosMsg><TConsLote_GNRE xmlns=\"http://www.gnre.pe.gov.br\"><ambiente>1</ambiente><numeroRecibo>"
                + nrRecibo + "</numeroRecibo></TConsLote_GNRE></gnr:gnreDadosMsg></soap:Body></soap:Envelope>";

        System.out.println("PARAMETRO envio ==== " + XML_DATA);
        HttpPost httpPost = new HttpPost(url);
        httpPost.setHeader(new BasicHeader("Content-Type", "application/soap+xml;charset=UTF-8"));
        httpPost.setHeader(new BasicHeader("SOAPAction", action));
        StringEntity s = new StringEntity(XML_DATA, "UTF-8");
        httpPost.setEntity(s);
        FileInputStream instream = null;
        FileInputStream instreamTrust = null;
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        instream = new FileInputStream(new File(caminhoDoCertificadoDoCliente));
        keyStore.load(instream, senhaDoCertificadoDoCliente.toCharArray());

        KeyStore trustStore = KeyStore.getInstance("JKS");
        instreamTrust = new FileInputStream(new File(arquivoCacertsGeradoParaCadaEstado));
        trustStore.load(instreamTrust, senhaDoCertificadoDoCliente.toCharArray());

        SSLContextBuilder builder = SSLContexts.custom().loadTrustMaterial(trustStore);
        builder.loadKeyMaterial(keyStore, senhaDoCertificadoDoCliente.toCharArray());
        SSLContext sslcontext = builder.build();

        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,
                SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
        CloseableHttpClient httpclientSLL = HttpClients.custom().setSSLSocketFactory(sslsf).build();

        System.out.println("executing request" + httpPost.getRequestLine());
        System.out.println("Conteudo envio ==== " + XML_DATA);
        HttpResponse response = httpclientSLL.execute(httpPost);
        HttpEntity entity = response.getEntity();

        System.out.println("----------------------------------------");
        System.out.println(response.getStatusLine());
        if (entity != null) {
            System.out.println("Response content length: " + entity.getContentLength());
            String str = EntityUtils.toString(entity);
            System.out.println(str);
            XmlUtil util = new XmlUtil();
            retorno = util.getTResultLoteGNRE(str);
            resultado = retorno.getResultado();

        }
        if (entity != null) {
            entity.consumeContent();
        }
        httpclient.getConnectionManager().shutdown();

    } catch (UnsupportedEncodingException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (KeyStoreException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (FileNotFoundException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (NoSuchAlgorithmException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (CertificateException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (UnrecoverableKeyException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (KeyManagementException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    }

    return resultado;
}

From source file:br.com.intercomex.ws.GnreLoteRecepcao.java

@WebMethod(operationName = "processarSimples")
public String processarSimples(@WebParam(name = "gnreDadosMsg") Object TLoteGNRE) {
    br.gov.pe.gnre.TRetLoteGNRE retorno = null;
    String recibo = null;//from   w  w w.  j  av  a 2 s. c  o m
    try {
        loadConfig();
        XmlUtil util = new XmlUtil();
        //<TConsultaConfigUf xmlns=\"http://www.gnre.pe.gov.br\"><ambiente>1</ambiente><uf>MG</uf><receita>100048</receita></TConsultaConfigUf>
        //String gnreDadosMsgSTR= util.convertToXml(TLoteGNRE, br.gov.pe.gnre.TLoteGNRE.class);
        System.out.println("PARAMETRO envio ==== " + TLoteGNRE);
        String gnreDadosMsgSTR = util.nodeToString((Node) TLoteGNRE);

        String XML_DATA = "<soap:Envelope xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\" xmlns:gnr=\"http://www.gnre.pe.gov.br/webservice/GnreLoteRecepcao\">"
                + "<soap:Header><gnr:gnreCabecMsg><gnr:versaoDados>1.00</gnr:versaoDados></gnr:gnreCabecMsg></soap:Header>"
                + "<soap:Body><gnr:gnreDadosMsg>" + gnreDadosMsgSTR
                + "</gnr:gnreDadosMsg></soap:Body></soap:Envelope>";
        System.out.println("PARAMETRO envio ==== " + XML_DATA);

        HttpPost httpPost = new HttpPost(url);
        httpPost.setHeader(new BasicHeader("Content-Type", "application/soap+xml;charset=UTF-8"));
        httpPost.setHeader(new BasicHeader("SOAPAction", action));
        StringEntity s = new StringEntity(XML_DATA, "UTF-8");
        httpPost.setEntity(s);
        FileInputStream instream = null;
        FileInputStream instreamTrust = null;
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        instream = new FileInputStream(new File(caminhoDoCertificadoDoCliente));
        keyStore.load(instream, senhaDoCertificadoDoCliente.toCharArray());

        KeyStore trustStore = KeyStore.getInstance("JKS");
        instreamTrust = new FileInputStream(new File(arquivoCacertsGeradoParaCadaEstado));
        trustStore.load(instreamTrust, senhaDoCertificadoDoCliente.toCharArray());

        SSLContextBuilder builder = SSLContexts.custom().loadTrustMaterial(trustStore);
        builder.loadKeyMaterial(keyStore, senhaDoCertificadoDoCliente.toCharArray());
        SSLContext sslcontext = builder.build();

        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,
                SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
        CloseableHttpClient httpclientSLL = HttpClients.custom().setSSLSocketFactory(sslsf).build();

        System.out.println("executing request" + httpPost.getRequestLine());
        HttpResponse response = httpclientSLL.execute(httpPost);
        HttpEntity entity = response.getEntity();

        System.out.println("----------------------------------------");
        System.out.println(response.getStatusLine());
        if (entity != null) {
            System.out.println("Response content length: " + entity.getContentLength());
            String retornoStr = EntityUtils.toString(entity);
            System.out.println("Response  " + retornoStr);
            retorno = util.getTRetLoteGNRE(retornoStr);

            recibo = util.getRecibo(retornoStr);
            System.out.println("ResponseOBJ  " + retorno.getAmbiente());
            recibo = retorno.getRecibo().getNumero();
        }
        if (entity != null) {
            entity.consumeContent();
        }
        httpclient.getConnectionManager().shutdown();

    } catch (UnsupportedEncodingException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (KeyStoreException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (FileNotFoundException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (NoSuchAlgorithmException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (CertificateException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (UnrecoverableKeyException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (KeyManagementException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    }

    return recibo;
}

From source file:com.liferay.jsonwebserviceclient.JSONWebServiceClientImpl.java

protected SSLConnectionSocketFactory getSSLConnectionSocketFactory() {
    SSLContextBuilder sslContextBuilder = SSLContexts.custom();

    SSLContext sslContext = null;

    try {//from  w w w.  j av  a2 s . c o m
        sslContextBuilder.loadTrustMaterial(_keyStore);

        sslContext = sslContextBuilder.build();

        sslContext.init(null, new TrustManager[] { new X509TrustManagerImpl() }, null);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }

    return new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null,
            SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
}

From source file:br.com.intercomex.ws.GnreResultadoLote.java

@WebMethod(operationName = "consultarSimplesHomoloacao")
public String consultarSimplesHomoloacao(@WebParam(name = "nrRecibo") String nrRecibo) {
    String url_HML = "https://www.gnre-h.pe.gov.br/gnreWS/services/GnreResultadoLote?wsdl";
    String action_HML = "http://www.gnre-h.pe.gov.br/gnreWS/services/GnreResultadoLote/consultar";
    String resultado = null;/* ww w.ja v a  2s. com*/
    TResultLoteGNRE retorno = null;
    loadConfig();
    try {
        //<TConsLote_GNRE xmlns="http://www.gnre.pe.gov.br"><ambiente>1</ambiente><numeroRecibo>2012314940</numeroRecibo></TConsLote_GNRE>
        String XML_DATA = "<soap:Envelope xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\" xmlns:gnr=\"http://www.gnre.pe.gov.br/webservice/GnreResultadoLote\">"
                + "<soap:Header><gnr:gnreCabecMsg><gnr:versaoDados>1.00</gnr:versaoDados></gnr:gnreCabecMsg></soap:Header>"
                + " <soap:Body><gnr:gnreDadosMsg><TConsLote_GNRE xmlns=\"http://www.gnre.pe.gov.br\"><ambiente>2</ambiente><numeroRecibo>"
                + nrRecibo + "</numeroRecibo></TConsLote_GNRE></gnr:gnreDadosMsg></soap:Body></soap:Envelope>";

        System.out.println("PARAMETRO envio ==== " + XML_DATA);
        HttpPost httpPost = new HttpPost(url_HML);
        httpPost.setHeader(new BasicHeader("Content-Type", "application/soap+xml;charset=UTF-8"));
        httpPost.setHeader(new BasicHeader("SOAPAction", action_HML));
        StringEntity s = new StringEntity(XML_DATA, "UTF-8");
        httpPost.setEntity(s);
        FileInputStream instream = null;
        FileInputStream instreamTrust = null;
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        instream = new FileInputStream(new File(caminhoDoCertificadoDoCliente));
        keyStore.load(instream, senhaDoCertificadoDoCliente.toCharArray());

        KeyStore trustStore = KeyStore.getInstance("JKS");
        instreamTrust = new FileInputStream(new File(arquivoCacertsGeradoParaCadaEstado));
        trustStore.load(instreamTrust, senhaDoCertificadoDoCliente.toCharArray());

        SSLContextBuilder builder = SSLContexts.custom().loadTrustMaterial(trustStore);
        builder.loadKeyMaterial(keyStore, senhaDoCertificadoDoCliente.toCharArray());
        SSLContext sslcontext = builder.build();

        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,
                SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
        CloseableHttpClient httpclientSLL = HttpClients.custom().setSSLSocketFactory(sslsf).build();

        System.out.println("executing request" + httpPost.getRequestLine());
        System.out.println("Conteudo envio ==== " + XML_DATA);
        HttpResponse response = httpclientSLL.execute(httpPost);
        HttpEntity entity = response.getEntity();

        System.out.println("----------------------------------------");
        System.out.println(response.getStatusLine());
        if (entity != null) {
            System.out.println("Response content length: " + entity.getContentLength());
            String str = EntityUtils.toString(entity);
            System.out.println(str);
            XmlUtil util = new XmlUtil();
            retorno = util.getTResultLoteGNRE(str);
            resultado = retorno.getResultado();

        }
        if (entity != null) {
            entity.consumeContent();
        }
        httpclient.getConnectionManager().shutdown();

    } catch (UnsupportedEncodingException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (KeyStoreException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (FileNotFoundException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (NoSuchAlgorithmException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (CertificateException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (UnrecoverableKeyException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    } catch (KeyManagementException ex) {
        Logger.getLogger(GnreConfigUF.class.getName()).log(Level.SEVERE, null, ex);
    }

    return resultado;
}

From source file:org.apache.metron.dataloads.taxii.TaxiiHandler.java

private static HttpClient buildClient(URL proxy, String username, String password) throws Exception {
    HttpClient client = new HttpClient(); // Start with a default TAXII HTTP client.

    // Create an Apache HttpClientBuilder to be customized by the command line arguments.
    HttpClientBuilder builder = HttpClientBuilder.create().useSystemProperties();

    // Proxy//  w  w  w .j  a v  a  2s  . co  m
    if (proxy != null) {
        HttpHost proxyHost = new HttpHost(proxy.getHost(), proxy.getPort(), proxy.getProtocol());
        builder.setProxy(proxyHost);
    }

    // Basic authentication. User & Password
    if (username != null ^ password != null) {
        throw new Exception("'username' and 'password' arguments are required to appear together.");
    }

    // from:  http://stackoverflow.com/questions/19517538/ignoring-ssl-certificate-in-apache-httpclient-4-3
    SSLContextBuilder ssbldr = new SSLContextBuilder();
    ssbldr.loadTrustMaterial(null, new TrustSelfSignedStrategy());
    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(ssbldr.build(),
            SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

    Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", new PlainConnectionSocketFactory()).register("https", sslsf).build();

    PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
    cm.setMaxTotal(20);//max connection

    System.setProperty("jsse.enableSNIExtension", "false"); //""
    CloseableHttpClient httpClient = builder.setSSLSocketFactory(sslsf).setConnectionManager(cm).build();

    client.setHttpclient(httpClient);
    return client;
}

From source file:com.github.dockerjava.jaxrs.connector.ApacheConnector.java

private HttpClientConnectionManager createConnectionManager(final Configuration config,
        final SSLContext sslContext, X509HostnameVerifier hostnameVerifier, final boolean useSystemProperties) {

    final String[] supportedProtocols = useSystemProperties ? split(System.getProperty("https.protocols"))
            : null;//w  w w.  j  a v a  2s .c o m
    final String[] supportedCipherSuites = useSystemProperties ? split(System.getProperty("https.cipherSuites"))
            : null;

    if (hostnameVerifier == null) {
        hostnameVerifier = SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
    }

    final LayeredConnectionSocketFactory sslSocketFactory;
    if (sslContext != null) {
        sslSocketFactory = new SSLConnectionSocketFactory(sslContext, supportedProtocols, supportedCipherSuites,
                hostnameVerifier);
    } else {
        if (useSystemProperties) {
            sslSocketFactory = new SSLConnectionSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault(),
                    supportedProtocols, supportedCipherSuites, hostnameVerifier);
        } else {
            sslSocketFactory = new SSLConnectionSocketFactory(SSLContexts.createDefault(), hostnameVerifier);
        }
    }

    final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory())
            .register("https", sslSocketFactory).build();

    final Integer chunkSize = ClientProperties.getValue(config.getProperties(),
            ClientProperties.CHUNKED_ENCODING_SIZE, 4096, Integer.class);

    final PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(
            registry, new ConnectionFactory(chunkSize));

    if (useSystemProperties) {
        String s = System.getProperty("http.keepAlive", "true");
        if ("true".equalsIgnoreCase(s)) {
            s = System.getProperty("http.maxConnections", "5");
            final int max = Integer.parseInt(s);
            connectionManager.setDefaultMaxPerRoute(max);
            connectionManager.setMaxTotal(2 * max);
        }
    }

    return connectionManager;
}

From source file:com.cognitivemedicine.nifi.http.PostAdvancedHTTP.java

private Config getConfig(final String url, final ProcessContext context) {
    final String baseUrl = getBaseUrl(url);
    Config config = configMap.get(baseUrl);
    if (config != null) {
        return config;
    }/*w w w. j  a va 2  s .  co m*/

    final PoolingHttpClientConnectionManager conMan;
    final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE)
            .asControllerService(SSLContextService.class);
    if (sslContextService == null) {
        conMan = new PoolingHttpClientConnectionManager();
    } else {
        final SSLContext sslContext;
        try {
            sslContext = createSSLContext(sslContextService);
        } catch (final Exception e) {
            throw new ProcessException(e);
        }

        final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext,
                new String[] { "TLSv1" }, null,
                SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

        final Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder
                .<ConnectionSocketFactory>create().register("https", sslsf).build();

        conMan = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
    }

    conMan.setDefaultMaxPerRoute(context.getMaxConcurrentTasks());
    conMan.setMaxTotal(context.getMaxConcurrentTasks());
    config = new Config(conMan);
    final Config existingConfig = configMap.putIfAbsent(baseUrl, config);

    return (existingConfig == null) ? config : existingConfig;
}

From source file:org.bonitasoft.connectors.rest.RESTConnector.java

/**
 * Set the request builder based on the request
 * //from  w  w w.jav a 2 s  .  c o  m
 * @param ssl The request SSL options
 * @param httpClientBuilder The request builder
 * @throws Exception
 */
private void setSSL(final SSL ssl, final HttpClientBuilder httpClientBuilder) throws Exception {
    if (ssl != null) {
        final SSLContextBuilder sslContextBuilder = new SSLContextBuilder();

        if (ssl.getTrustStore() != null) {
            final KeyStore trustStore = ssl.getTrustStore().generateKeyStore();
            if (ssl.isUseSelfSignedCertificate()) {
                sslContextBuilder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
            } else {
                sslContextBuilder.loadTrustMaterial(trustStore);
            }
        }

        if (ssl.getKeyStore() != null) {
            final KeyStore keyStore = ssl.getKeyStore().generateKeyStore();
            final String keyStorePassword = ssl.getKeyStore().getPassword();
            sslContextBuilder.loadKeyMaterial(keyStore, keyStorePassword.toCharArray());
        }

        sslContextBuilder.setSecureRandom(null);

        if (ssl.isUseTLS()) {
            sslContextBuilder.useTLS();
        } else {
            sslContextBuilder.useSSL();
        }

        final SSLVerifier verifier = ssl.getSslVerifier();
        X509HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER;
        switch (verifier) {
        case BROWSER:
            hostnameVerifier = SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
            break;
        case ALLOW:
            hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
            break;
        case STRICT:
            hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER;
            break;
        default:
            hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER;
            break;
        }

        final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
                sslContextBuilder.build(), hostnameVerifier);
        httpClientBuilder.setSSLSocketFactory(socketFactory);
    }
}

From source file:com.liferay.petra.json.web.service.client.BaseJSONWebServiceClientImpl.java

protected SSLIOSessionStrategy getSSLIOSessionStrategy() {
    SSLContextBuilder sslContextBuilder = SSLContexts.custom();

    SSLContext sslContext = null;

    try {//from www  .  ja v a 2s  .  c  o m
        sslContextBuilder.loadTrustMaterial(_keyStore, new TrustSelfSignedStrategy());

        sslContext = sslContextBuilder.build();

        sslContext.init(null, new TrustManager[] { new X509TrustManagerImpl() }, null);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }

    return new SSLIOSessionStrategy(sslContext, new String[] { "TLSv1" }, null,
            SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
}