List of usage examples for org.apache.http.conn.ssl SSLConnectionSocketFactory SSLConnectionSocketFactory
public SSLConnectionSocketFactory(final javax.net.ssl.SSLSocketFactory socketfactory, final X509HostnameVerifier hostnameVerifier)
From source file:org.springframework.http.server.reactive.ServerHttpsRequestIntegrationTests.java
@Before public void setup() throws Exception { this.server.setHandler(new CheckRequestHandler()); this.server.afterPropertiesSet(); this.server.start(); // Set dynamically chosen port this.port = this.server.getPort(); SSLContextBuilder builder = new SSLContextBuilder(); builder.loadTrustMaterial(new TrustSelfSignedStrategy()); SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(builder.build(), NoopHostnameVerifier.INSTANCE); CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory( httpclient);/*from www . ja v a 2s . co m*/ this.restTemplate = new RestTemplate(requestFactory); }
From source file:io.apicurio.studio.fe.servlet.servlets.DownloadServlet.java
@PostConstruct protected void postConstruct() { try {//from w w w . j a va 2 s.co m if (uiConfig.isDisableHubApiTrustManager()) { SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()) .build(); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE); httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build(); } else { httpClient = HttpClients.createSystem(); } } catch (Exception e) { throw new RuntimeException(e); } }
From source file:com.kenai.redminenb.repository.RedmineManagerFactoryHelper.java
public static HttpClient getTransportConfig() { /**/* w w w . ja va2 s . c o m*/ * Implement a minimal hostname verifier. This is needed to be able to use * hosts with certificates, that don't match the used hostname (VServer). * * This is implemented by first trying the "Browser compatible" hostname * verifier and if that fails, fall back to the default java hostname * verifier. * * If the default case the hostname verifier in java always rejects, but * for netbeans the "SSL Certificate Exception" module is available that * catches this and turns a failure into a request to the GUI user. */ X509HostnameVerifier hostnameverified = new X509HostnameVerifier() { @Override public void verify(String string, SSLSocket ssls) throws IOException { if (SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.verify(string, ssls.getSession())) { return; } if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(string, ssls.getSession())) { throw new SSLException("Hostname did not verify"); } } @Override public void verify(String string, X509Certificate xc) throws SSLException { throw new SSLException("Check not implemented yet"); } @Override public void verify(String string, String[] strings, String[] strings1) throws SSLException { throw new SSLException("Check not implemented yet"); } @Override public boolean verify(String string, SSLSession ssls) { if (SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.verify(string, ssls)) { return true; } return HttpsURLConnection.getDefaultHostnameVerifier().verify(string, ssls); } }; try { SSLConnectionSocketFactory scsf = new SSLConnectionSocketFactory(SSLContext.getDefault(), hostnameverified); HttpClient hc = HttpClientBuilder.create() .setRoutePlanner(new SystemDefaultRoutePlanner(ProxySelector.getDefault())) .setSSLSocketFactory(scsf).build(); return hc; } catch (NoSuchAlgorithmException ex) { throw new RuntimeException(ex); } }
From source file:com.rootcloud.ejb.RootCloudBean.java
private CloseableHttpClient createHttpClient() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException { SSLContext sslContext = SSLContextBuilder.create().loadTrustMaterial(new TrustSelfSignedStrategy()).build(); HostnameVerifier allowAllHosts = new NoopHostnameVerifier(); SSLConnectionSocketFactory connectionFactory = new SSLConnectionSocketFactory(sslContext, allowAllHosts); return HttpClients.custom().setSSLSocketFactory(connectionFactory).build(); }
From source file:com.thoughtworks.go.agent.common.ssl.GoAgentServerHttpClientBuilder.java
public CloseableHttpClient build() throws Exception { HttpClientBuilder builder = HttpClients.custom(); builder.useSystemProperties();/*w w w . j a va 2s . c om*/ builder.setDefaultSocketConfig(SocketConfig.custom().setTcpNoDelay(true).setSoKeepAlive(true).build()) .setKeepAliveStrategy(DefaultConnectionKeepAliveStrategy.INSTANCE); HostnameVerifier hostnameVerifier = sslVerificationMode.verifier(); TrustStrategy trustStrategy = sslVerificationMode.trustStrategy(); KeyStore trustStore = agentTruststore(); SSLContextBuilder sslContextBuilder = SSLContextBuilder.create().useProtocol( systemEnvironment.get(SystemEnvironment.GO_SSL_TRANSPORT_PROTOCOL_TO_BE_USED_BY_AGENT)); if (trustStore != null || trustStrategy != null) { sslContextBuilder.loadTrustMaterial(trustStore, trustStrategy); } sslContextBuilder.loadKeyMaterial(agentKeystore(), keystorePassword().toCharArray()); SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory( sslContextBuilder.build(), hostnameVerifier); builder.setSSLSocketFactory(sslConnectionSocketFactory); return builder.build(); }
From source file:com.cloud.agent.direct.download.HttpsDirectTemplateDownloader.java
public HttpsDirectTemplateDownloader(String url, Long templateId, String destPoolPath, String checksum, Map<String, String> headers) { super(url, templateId, destPoolPath, checksum, headers); SSLContext sslcontext = null; try {/*from w w w . j av a2 s. co m*/ sslcontext = getSSLContext(); } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException | KeyManagementException e) { throw new CloudRuntimeException("Failure getting SSL context for HTTPS downloader: " + e.getMessage()); } SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(sslcontext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); RequestConfig config = RequestConfig.custom().setConnectTimeout(5000).setConnectionRequestTimeout(5000) .setSocketTimeout(5000).build(); httpsClient = HttpClients.custom().setSSLSocketFactory(factory).setDefaultRequestConfig(config).build(); createUriRequest(url, headers); }
From source file:org.nekorp.workflow.desktop.rest.util.RestTemplateFactory.java
@PostConstruct public void init() { targetHost = new HttpHost(host, port, protocol); //connectionPool = new PoolingHttpClientConnectionManager(); //connectionPool.setDefaultMaxPerRoute(10); //connectionPool.setMaxTotal(20); CredentialsProvider credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()), new UsernamePasswordCredentials(username, password)); //wildcard ssl certificate SSLContext sslContext = SSLContexts.createDefault(); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE); httpclient = HttpClients.custom().setDefaultCredentialsProvider(credsProvider) //.setConnectionManager(connectionPool) .setSSLSocketFactory(sslsf).build(); // Create AuthCache instance AuthCache authCache = new BasicAuthCache(); // Generate BASIC scheme object and add it to the local // auth cache BasicScheme basicAuth = new BasicScheme(); authCache.put(targetHost, basicAuth); // Add AuthCache to the execution context HttpClientContext localContext = HttpClientContext.create(); localContext.setAuthCache(authCache); HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactoryBasicAuth( httpclient, localContext);/*from w w w .j ava2 s . c om*/ this.template = new RestTemplate(); template.getMessageConverters().add(new BufferedImageHttpMessageConverter()); template.setRequestFactory(factory); }
From source file:org.wso2.mdm.qsg.utils.HTTPInvoker.java
private static HttpClient createHttpClient() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { HttpClientBuilder b = HttpClientBuilder.create(); // setup a Trust Strategy that allows all certificates. ////from w ww . j av a 2 s . com SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { return true; } }).build(); b.setSSLContext(sslContext); //b.setSSLHostnameVerifier(new NoopHostnameVerifier()); // don't check Hostnames, either. // -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want to weaken HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; // here's the special part: // -- need to create an SSL Socket Factory, to use our weakened "trust strategy"; // -- and create a Registry, to register it. // SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", sslSocketFactory).build(); // now, we create connection-manager using our Registry. // -- allows multi-threaded use PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry); b.setConnectionManager(connMgr); // finally, build the HttpClient; // -- done! CloseableHttpClient client = b.build(); return client; }
From source file:com.kappaware.logtrawler.output.httpclient.HttpClient.java
public HttpClient(SslHandling sslHandling, On404 on404) { this.on404 = on404; if (sslHandling == SslHandling.NONE) { httpclient = HttpClients.custom().build(); } else {//from ww w . j av a2 s . c o m try { SSLConnectionSocketFactory sslConnectionSocketFactory; SSLContext sslContext = SSLContext.getInstance("TLS"); if (sslHandling == SslHandling.STRICT_SSL) { sslContext.init(null, null, null); sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new BrowserCompatHostnameVerifier()); } else { sslContext.init(null, new TrustManager[] { new PassthroughTrustManager() }, null); sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new AllowAllHostnameVerifier()); } httpclient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).build(); } catch (Exception e) { throw new RuntimeException("Exception in SSL configuration", e); } } }
From source file:com.hp.octane.integrations.services.rest.SSCRestClientImpl.java
SSCRestClientImpl(OctaneSDK.SDKServicesConfigurer configurer) { if (configurer == null || configurer.pluginServices == null) { throw new IllegalArgumentException("invalid configurer"); }/* w w w . j a v a 2 s.com*/ SSLContext sslContext = SSLContexts.createSystemDefault(); HostnameVerifier hostnameVerifier = new OctaneRestClientImpl.CustomHostnameVerifier(); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", sslSocketFactory).build(); PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager( socketFactoryRegistry); connectionManager.setMaxTotal(MAX_TOTAL_CONNECTIONS); connectionManager.setDefaultMaxPerRoute(MAX_TOTAL_CONNECTIONS); HttpClientBuilder clientBuilder = HttpClients.custom().setConnectionManager(connectionManager); httpClient = clientBuilder.build(); }