List of usage examples for org.apache.http.conn.ssl SSLContextBuilder setSecureRandom
public SSLContextBuilder setSecureRandom(final SecureRandom secureRandom)
From source file:org.apache.solr.util.SSLTestConfig.java
/** * Builds a new SSLContext for jetty servers which have been configured based on the settings of * this object./*from w w w. ja v a 2 s. c o m*/ * * NOTE: Uses a completely insecure {@link SecureRandom} instance to prevent tests from blocking * due to lack of entropy, also explicitly allows the use of self-signed * certificates (since that's what is almost always used during testing). * almost always used during testing). */ public SSLContext buildServerSSLContext() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException { assert isSSLMode(); SSLContextBuilder builder = SSLContexts.custom(); builder.setSecureRandom(NotSecurePsuedoRandom.INSTANCE); builder.loadKeyMaterial(buildKeyStore(keyStore, getKeyStorePassword()), getKeyStorePassword().toCharArray()); if (isClientAuthMode()) { builder.loadTrustMaterial(buildKeyStore(trustStore, getTrustStorePassword()), new TrustSelfSignedStrategy()).build(); } return builder.build(); }
From source file:org.apache.solr.util.SSLTestConfig.java
/** * Builds a new SSLContext for HTTP <b>clients</b> to use when communicating with servers which have * been configured based on the settings of this object. * * NOTE: Uses a completely insecure {@link SecureRandom} instance to prevent tests from blocking * due to lack of entropy, also explicitly allows the use of self-signed * certificates (since that's what is almost always used during testing). *//*from w w w. jav a2 s . c o m*/ public SSLContext buildClientSSLContext() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException { assert isSSLMode(); SSLContextBuilder builder = SSLContexts.custom(); builder.setSecureRandom(NotSecurePsuedoRandom.INSTANCE); // NOTE: KeyStore & TrustStore are swapped because they are from configured from server perspective... // we are a client - our keystore contains the keys the server trusts, and vice versa builder.loadTrustMaterial(buildKeyStore(keyStore, getKeyStorePassword()), new TrustSelfSignedStrategy()) .build(); if (isClientAuthMode()) { builder.loadKeyMaterial(buildKeyStore(trustStore, getTrustStorePassword()), getTrustStorePassword().toCharArray()); } return builder.build(); }
From source file:org.bonitasoft.connectors.rest.RESTConnector.java
/** * Set the request builder based on the request * //ww w. jav a 2 s. co m * @param ssl The request SSL options * @param httpClientBuilder The request builder * @throws Exception */ private void setSSL(final SSL ssl, final HttpClientBuilder httpClientBuilder) throws Exception { if (ssl != null) { final SSLContextBuilder sslContextBuilder = new SSLContextBuilder(); if (ssl.getTrustStore() != null) { final KeyStore trustStore = ssl.getTrustStore().generateKeyStore(); if (ssl.isUseSelfSignedCertificate()) { sslContextBuilder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()); } else { sslContextBuilder.loadTrustMaterial(trustStore); } } if (ssl.getKeyStore() != null) { final KeyStore keyStore = ssl.getKeyStore().generateKeyStore(); final String keyStorePassword = ssl.getKeyStore().getPassword(); sslContextBuilder.loadKeyMaterial(keyStore, keyStorePassword.toCharArray()); } sslContextBuilder.setSecureRandom(null); if (ssl.isUseTLS()) { sslContextBuilder.useTLS(); } else { sslContextBuilder.useSSL(); } final SSLVerifier verifier = ssl.getSslVerifier(); X509HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER; switch (verifier) { case BROWSER: hostnameVerifier = SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER; break; case ALLOW: hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; break; case STRICT: hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER; break; default: hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER; break; } final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory( sslContextBuilder.build(), hostnameVerifier); httpClientBuilder.setSSLSocketFactory(socketFactory); } }