List of usage examples for org.apache.http.conn.ssl SSLConnectionSocketFactory SSLConnectionSocketFactory
public SSLConnectionSocketFactory(final javax.net.ssl.SSLSocketFactory socketfactory, final X509HostnameVerifier hostnameVerifier)
From source file:com.hybris.datahub.outbound.utils.RestTemplateUtil.java
private LayeredConnectionSocketFactory setUpSSL() { LayeredConnectionSocketFactory sslSF = null; try {/*from w w w. j a v a 2 s . co m*/ final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); final SSLContext sslContext = SSLContexts.custom().useTLS() .loadTrustMaterial(trustStore, new AnyTrustStrategy()).build(); sslSF = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); } catch (final Exception e) { LOGGER.error(e.getMessage()); } return sslSF; }
From source file:com.liferay.sync.engine.session.Session.java
public static void setTrustManagers(TrustManager[] trustManagers) throws Exception { SSLContextBuilder sslContextBuilder = SSLContexts.custom(); SSLContext sslContext = sslContextBuilder.build(); sslContext.init(null, trustManagers, new SecureRandom()); _defaultSSLSocketFactory = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.getDefaultHostnameVerifier()); }
From source file:leap.webunit.client.THttpClientImpl.java
private static Registry<ConnectionSocketFactory> getDefaultRegistry() { RegistryBuilder<ConnectionSocketFactory> reg = RegistryBuilder.<ConnectionSocketFactory>create(); reg.register("http", PlainConnectionSocketFactory.getSocketFactory()); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); reg.register("https", sslSocketFactory); return reg.build(); }
From source file:com.dnanexus.DXHTTPRequest.java
/** * Construct the DXHTTPRequest using the given DXEnvironment. *//*from w w w . j a v a 2s . c o m*/ public DXHTTPRequest(DXEnvironment env) { this.securityContext = env.getSecurityContextJson(); this.apiserver = env.getApiserverPath(); this.disableRetry = env.isRetryDisabled(); SSLContextBuilder builder = new SSLContextBuilder(); try { builder.loadTrustMaterial(null, new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } SSLConnectionSocketFactory sslSF = null; try { sslSF = new SSLConnectionSocketFactory(builder.build(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } HttpClientBuilder httpClientBuilder = HttpClients.custom().useSystemProperties(); String proxyHost = System.getProperty("http.proxyHost"); String proxyPort = System.getProperty("http.proxyPort"); String proxyHostS = System.getProperty("https.proxyHost"); String proxyPortS = System.getProperty("https.proxyPort"); if ((proxyHost == null || proxyPort == null) && (proxyHostS == null || proxyPortS == null)) { this.httpclient = HttpClientBuilder.create().setUserAgent(USER_AGENT).build(); } else { HttpHost proxy = null; if (proxyHostS != null && proxyPortS != null) { proxy = new HttpHost(proxyHostS, Integer.parseInt(proxyPortS)); } else { proxy = new HttpHost(proxyHost, Integer.parseInt(proxyPort)); } httpClientBuilder.setProxy(proxy); HttpRoutePlanner routePlanner = new DefaultProxyRoutePlanner(proxy); httpClientBuilder.setRoutePlanner(routePlanner).setSSLSocketFactory(sslSF); httpclient = httpClientBuilder.setUserAgent(USER_AGENT).build(); } }
From source file:common.rest.client.transport.HttpClientSSLKeyStore.java
/** * Constructs the {@link org.apache.http.conn.socket.ConnectionSocketFactory} according to the options specified during the * construction time. The returned instance can be used to register an <b><tt>https</tt></b> * sheme in the {@link org.apache.http.conn.socket.ConnectionSocketFactory} while costructing an Apache HTTP client. * * @return <tt>SSLSocketFactory</tt> instance *//*from w w w .j a v a 2 s. c o m*/ public LayeredConnectionSocketFactory getSocketFactory() { // @formatter:off final X509HostnameVerifier hostnameVerifier = m_disableHostnameVerifier ? SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER : SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER; // @formatter:on try { SSLContextBuilder sslContextBuilder = SSLContexts.custom(); if (m_keyStore != null) { // this key store must contain the key/cert of the client sslContextBuilder.loadKeyMaterial(m_keyStore, m_keyStorePassword.toCharArray()); } if (m_trustStore != null) { // this key store must contain the certs needed and trusted to verify the servers cert sslContextBuilder.loadTrustMaterial(m_trustStore); } return new SSLConnectionSocketFactory(sslContextBuilder.build(), hostnameVerifier); } catch (Exception e) { throw new IllegalStateException("Failed to create SSL Socket Factory", e); } }
From source file:io.apiman.gateway.engine.es.DefaultESClientFactory.java
/** * @param httpConfig/*from ww w . j a v a 2s . c o m*/ * @param config */ @SuppressWarnings("nls") private void updateSslConfig(Builder httpConfig, Map<String, String> config) { try { String clientKeystorePath = config.get("client-keystore"); String clientKeystorePassword = config.get("client-keystore.password"); String trustStorePath = config.get("trust-store"); String trustStorePassword = config.get("trust-store.password"); SSLContext sslContext = SSLContext.getInstance("TLS"); Info kPathInfo = new Info(clientKeystorePath, clientKeystorePassword); Info tPathInfo = new Info(trustStorePath, trustStorePassword); sslContext.init(KeyStoreUtil.getKeyManagers(kPathInfo), KeyStoreUtil.getTrustManagers(tPathInfo), null); HostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); SchemeIOSessionStrategy httpsIOSessionStrategy = new SSLIOSessionStrategy(sslContext, hostnameVerifier); httpConfig.defaultSchemeForDiscoveredNodes("https"); httpConfig.sslSocketFactory(sslSocketFactory); // for sync calls httpConfig.httpsIOSessionStrategy(httpsIOSessionStrategy); // for async calls } catch (Exception e) { throw new RuntimeException(e); } }
From source file:com.cisco.oss.foundation.http.apache.ApacheHttpClient.java
@Override protected void configureClient() { RequestConfig.Builder requestBuilder = RequestConfig.custom(); requestBuilder = requestBuilder.setConnectTimeout(metadata.getConnectTimeout()); requestBuilder = requestBuilder.setSocketTimeout(metadata.getReadTimeout()); requestBuilder = requestBuilder.setStaleConnectionCheckEnabled(metadata.isStaleConnectionCheckEnabled()); RequestConfig requestConfig = requestBuilder.build(); boolean addSslSupport = StringUtils.isNotEmpty(metadata.getKeyStorePath()) && StringUtils.isNotEmpty(metadata.getKeyStorePassword()); boolean addTrustSupport = StringUtils.isNotEmpty(metadata.getTrustStorePath()) && StringUtils.isNotEmpty(metadata.getTrustStorePassword()); autoCloseable = metadata.isAutoCloseable(); HttpClientBuilder httpClientBuilder = HttpClientBuilder.create(); SSLContext sslContext = null; try {//from ww w . ja va 2 s. c o m String keystoreType = "JKS"; if (addSslSupport && addTrustSupport) { KeyStore keyStore = KeyStore.getInstance(keystoreType); keyStore.load(new FileInputStream(metadata.getKeyStorePath()), metadata.getKeyStorePassword().toCharArray()); KeyStore trustStore = KeyStore.getInstance(keystoreType); trustStore.load(new FileInputStream(metadata.getTrustStorePath()), metadata.getTrustStorePassword().toCharArray()); sslContext = SSLContexts.custom().useProtocol("TLS") .loadKeyMaterial(keyStore, metadata.getKeyStorePassword().toCharArray()) .loadTrustMaterial(trustStore, null).build(); } else if (addSslSupport) { TrustManagerFactory tmf = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore keyStore = KeyStore.getInstance(keystoreType); keyStore.load(new FileInputStream(metadata.getKeyStorePath()), metadata.getKeyStorePassword().toCharArray()); tmf.init(keyStore); sslContext = SSLContexts.custom().useProtocol("SSL") .loadKeyMaterial(keyStore, metadata.getKeyStorePassword().toCharArray()).build(); sslContext.init(null, tmf.getTrustManagers(), null); SSLConnectionSocketFactory sf = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); httpClientBuilder.setSSLSocketFactory(sf); } else if (addTrustSupport) { KeyStore trustStore = KeyStore.getInstance(keystoreType); trustStore.load(new FileInputStream(metadata.getTrustStorePath()), metadata.getTrustStorePassword().toCharArray()); sslContext = SSLContexts.custom().useProtocol("TLS").loadTrustMaterial(trustStore, null).build(); } if (addSslSupport | addTrustSupport) { SSLContext.setDefault(sslContext); httpClientBuilder.setSslcontext(sslContext); } } catch (Exception e) { LOGGER.error("can't set TLS Support. Error is: {}", e, e); } httpClientBuilder.setMaxConnPerRoute(metadata.getMaxConnectionsPerAddress()) .setMaxConnTotal(metadata.getMaxConnectionsTotal()).setDefaultRequestConfig(requestConfig) .evictExpiredConnections().evictIdleConnections(metadata.getIdleTimeout(), TimeUnit.MILLISECONDS) .setKeepAliveStrategy(new InfraConnectionKeepAliveStrategy(metadata.getIdleTimeout())); HttpAsyncClientBuilder httpAsyncClientBuilder = HttpAsyncClients.custom(); httpAsyncClientBuilder.setDefaultRequestConfig(requestConfig) .setMaxConnPerRoute(metadata.getMaxConnectionsPerAddress()) .setMaxConnTotal(metadata.getMaxConnectionsTotal()) .setKeepAliveStrategy(new InfraConnectionKeepAliveStrategy(metadata.getIdleTimeout())) .setSSLContext(sslContext); if (metadata.isDisableCookies()) { httpClientBuilder.disableCookieManagement(); httpAsyncClientBuilder.disableCookieManagement(); } if (hostnameVerifier != null) { httpClientBuilder.setSSLHostnameVerifier(hostnameVerifier); httpAsyncClientBuilder.setSSLHostnameVerifier(hostnameVerifier); } if (!followRedirects) { httpClientBuilder.disableRedirectHandling(); } httpClient = httpClientBuilder.build(); httpAsyncClient = httpAsyncClientBuilder.build(); httpAsyncClient.start(); }
From source file:com.tremolosecurity.scale.config.ScaleCommonConfig.java
public HttpClientInfo createHttpClientInfo() { SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslctx, new AllowAllHostnameVerifier()); PlainConnectionSocketFactory sf = PlainConnectionSocketFactory.getSocketFactory(); Registry<ConnectionSocketFactory> r = RegistryBuilder.<ConnectionSocketFactory>create().register("http", sf) .register("https", sslsf).build(); RequestConfig globalConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.BROWSER_COMPATIBILITY) .setRedirectsEnabled(true).build(); PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(r); return new HttpClientInfo(cm, globalConfig); }
From source file:org.jboss.tools.jmx.jolokia.JolokiaConnectionWrapper.java
protected J4pClient createJ4pClient() { CustomClientBuilder jb = new CustomClientBuilder() { @Override/*from w w w .j a v a2s . co m*/ public void clientBuilderAdditions(HttpClientBuilder builder) { Set<Header> defaultHeaders = headers.entrySet().stream() .map(entry -> new BasicHeader(entry.getKey(), entry.getValue())) .collect(Collectors.toSet()); builder.setDefaultHeaders(defaultHeaders); } @Override protected SSLConnectionSocketFactory createDefaultSSLConnectionSocketFactory() { if (ignoreSSLErrors) { try { final SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { new AcceptAllTrustManager() }, null); return new JolokiaSSLConnectionSocketFactory(sslcontext, new NoopHostnameVerifier()); } catch (NoSuchAlgorithmException e1) { Activator.pluginLog().logWarning(e1); } catch (KeyManagementException e) { Activator.pluginLog().logWarning(e); } } SSLContext sslcontext = SSLContexts.createSystemDefault(); X509HostnameVerifier hostnameVerifier = new BrowserCompatHostnameVerifier(); return new SSLConnectionSocketFactory(sslcontext, hostnameVerifier); } }; jb.url(url); return jb.build(); }
From source file:io.mandrel.requests.http.ApacheHttpRequester.java
public void init() { available = new Semaphore(maxParallel(), true); SSLContext sslContext = SSLContexts.createSystemDefault(); HostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); Registry<ConnectionSocketFactory> sessionStrategyRegistry = RegistryBuilder .<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", new SSLConnectionSocketFactory(sslContext, hostnameVerifier)).build(); DnsResolver dnsResolver = new SystemDefaultDnsResolver() { @Override/*from www. ja va2 s .co m*/ public InetAddress[] resolve(final String host) throws UnknownHostException { if (host.equalsIgnoreCase("localhost")) { return new InetAddress[] { InetAddress.getByAddress(new byte[] { 127, 0, 0, 1 }) }; } else { return new InetAddress[] { nameResolver().resolve(host) }; } } }; // Create a connection manager with custom configuration. PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager( sessionStrategyRegistry, dnsResolver); // Create message constraints MessageConstraints messageConstraints = MessageConstraints.custom().setMaxHeaderCount(maxHeaderCount) .setMaxLineLength(maxLineLength).build(); // Create connection configuration ConnectionConfig connectionConfig = ConnectionConfig.custom() .setMalformedInputAction(CodingErrorAction.IGNORE) .setUnmappableInputAction(CodingErrorAction.IGNORE).setCharset(Consts.UTF_8) .setMessageConstraints(messageConstraints).build(); connManager.setDefaultConnectionConfig(connectionConfig); // Configure total max or per route limits for persistent connections // that can be kept in the pool or leased by the connection manager. connManager.setMaxTotal(maxPersistentConnections()); connManager.setDefaultMaxPerRoute(maxPersistentConnections()); // TODO // Use custom credentials provider if necessary. // CredentialsProvider credentialsProvider = new // BasicCredentialsProvider(); // Create global request configuration defaultRequestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.DEFAULT) .setExpectContinueEnabled(true).setStaleConnectionCheckEnabled(true) .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST)) .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).setMaxRedirects(maxRedirects()) .setSocketTimeout(socketTimeout()).setConnectTimeout(connectTimeout()) .setConnectionRequestTimeout(requestTimeOut()).setRedirectsEnabled(followRedirects()).build(); // Create an HttpClient with the given custom dependencies and // configuration. client = HttpClients.custom().setConnectionManager(connManager) // .setDefaultCredentialsProvider(credentialsProvider) .setDefaultRequestConfig(defaultRequestConfig).build(); }