Example usage for org.apache.http.conn.ssl SSLSocketFactory SSLSocketFactory

List of usage examples for org.apache.http.conn.ssl SSLSocketFactory SSLSocketFactory

Introduction

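This page collects usage examples for the six-argument constructor of org.apache.http.conn.ssl.SSLSocketFactory. Most of the examples pass ALLOW_ALL_HOSTNAME_VERIFIER as the last argument, which turns off the check that the server certificate matches the host being contacted; they come from test code and from code written to work with self-signed certificates. The class itself is deprecated since HttpClient 4.3 in favour of SSLConnectionSocketFactory.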

Prototype

public SSLSocketFactory(final String algorithm, final KeyStore keystore, final String keyPassword,
        final KeyStore truststore, final SecureRandom random, final X509HostnameVerifier hostnameVerifier)
        throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException 


Usage

From source file:brooklyn.launcher.BrooklynWebServerTest.java

/**
 * Starts the web server with HTTPS switched on through constructor flags and checks that a GET
 * on its root URL answers 200 over TLS with a client certificate.
 *
 * <p>The client factory is built with {@code ALLOW_ALL_HOSTNAME_VERIFIER}: trust material still
 * comes from {@code client.ts}, but the host name in the server certificate is not compared with
 * the host being called. That setting is only appropriate for a test against a locally started
 * server with fixture key stores.
 */
@Test
public void verifyHttps() throws Exception {
    Map<String, ?> serverFlags = ImmutableMap.<String, Object>builder()
            .put("httpsEnabled", true)
            .put("keystoreUrl", getFile("server.ks"))
            .put("keystorePassword", "password")
            .build();
    webServer = new BrooklynWebServer(serverFlags, newManagementContext(brooklynProperties));
    webServer.start();

    try {
        // Fixture stores: client.ks holds the client key, client.ts the certificates to trust.
        KeyStore clientKeys = load("client.ks", "password");
        KeyStore trustedCerts = load("client.ts", "password");

        // Last argument disables host name verification (test-only).
        SSLSocketFactory tlsFactory = new SSLSocketFactory(
                SSLSocketFactory.TLS,
                clientKeys,
                "password",
                trustedCerts,
                (SecureRandom) null,
                SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpToolResponse reply = HttpTool.execAndConsume(
                HttpTool.httpClientBuilder()
                        .port(webServer.getActualPort())
                        .https(true)
                        .socketFactory(tlsFactory)
                        .build(),
                new HttpGet(webServer.getRootUrl()));
        assertEquals(reply.getResponseCode(), 200);
    } finally {
        // Always release the port, even when the request or the assertion fails.
        webServer.stop();
    }
}

From source file:org.apache.brooklyn.launcher.BrooklynWebServerTest.java

/**
 * Data-driven variant: starts the web server with HTTPS enabled for each key store location
 * supplied by the {@code keystorePaths} provider and checks that a GET on the root URL answers
 * 200 over TLS.
 *
 * <p>The client factory uses {@code ALLOW_ALL_HOSTNAME_VERIFIER}, so the server certificate's
 * host name is not checked against the host being called. Keep that to tests that talk to a
 * locally started server.
 *
 * @param keystoreUrl location of the server key store, passed to the server as {@code keystoreUrl}
 */
@Test(dataProvider = "keystorePaths")
public void verifyHttps(String keystoreUrl) throws Exception {
    Map<String, ?> serverFlags = ImmutableMap.<String, Object>builder()
            .put("httpsEnabled", true)
            .put("keystoreUrl", keystoreUrl)
            .put("keystorePassword", "password")
            .build();
    webServer = new BrooklynWebServer(serverFlags, newManagementContext(brooklynProperties));
    webServer.start();

    try {
        // Fixture stores: client.ks holds the client key, client.ts the certificates to trust.
        KeyStore clientKeys = load("client.ks", "password");
        KeyStore trustedCerts = load("client.ts", "password");

        // Last argument disables host name verification (test-only).
        SSLSocketFactory tlsFactory = new SSLSocketFactory(
                SSLSocketFactory.TLS,
                clientKeys,
                "password",
                trustedCerts,
                (SecureRandom) null,
                SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpToolResponse reply = HttpTool.execAndConsume(
                HttpTool.httpClientBuilder()
                        .port(webServer.getActualPort())
                        .https(true)
                        .socketFactory(tlsFactory)
                        .build(),
                new HttpGet(webServer.getRootUrl()));
        assertEquals(reply.getResponseCode(), 200);
    } finally {
        // Always release the port, even when the request or the assertion fails.
        webServer.stop();
    }
}

From source file:brooklyn.launcher.BrooklynWebServerTest.java

/**
 * Configures HTTPS through {@code brooklynProperties} rather than constructor flags, starts the
 * web server and checks that a GET on the root URL answers 200 over TLS.
 *
 * <p>The client factory uses {@code ALLOW_ALL_HOSTNAME_VERIFIER}, so the server certificate's
 * host name is not checked against the host being called. Keep that to tests that talk to a
 * locally started server.
 */
@Test
public void verifyHttpsFromConfig() throws Exception {
    // Server side: require HTTPS and point at the fixture key store.
    brooklynProperties.put(BrooklynWebConfig.HTTPS_REQUIRED, true);
    brooklynProperties.put(BrooklynWebConfig.KEYSTORE_URL, getFile("server.ks"));
    brooklynProperties.put(BrooklynWebConfig.KEYSTORE_PASSWORD, "password");

    webServer = new BrooklynWebServer(MutableMap.of(), newManagementContext(brooklynProperties));
    webServer.start();

    try {
        // Fixture stores: client.ks holds the client key, client.ts the certificates to trust.
        KeyStore clientKeys = load("client.ks", "password");
        KeyStore trustedCerts = load("client.ts", "password");

        // Last argument disables host name verification (test-only).
        SSLSocketFactory tlsFactory = new SSLSocketFactory(
                SSLSocketFactory.TLS,
                clientKeys,
                "password",
                trustedCerts,
                (SecureRandom) null,
                SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpToolResponse reply = HttpTool.execAndConsume(
                HttpTool.httpClientBuilder()
                        .port(webServer.getActualPort())
                        .https(true)
                        .socketFactory(tlsFactory)
                        .build(),
                new HttpGet(webServer.getRootUrl()));
        assertEquals(reply.getResponseCode(), 200);
    } finally {
        // Always release the port, even when the request or the assertion fails.
        webServer.stop();
    }
}

From source file:de.kp.ames.http.HttpClient.java

/**
 * Builds the socket factory used for HTTPS calls. The trust store supplies the certificates the
 * client accepts for the server; the client store supplies the private key used to authenticate
 * to the server.
 *
 * <p>NOTE(review): the factory is created with {@code ALLOW_ALL_HOSTNAME_VERIFIER}, so the host
 * name in the server certificate is not compared with the host being contacted. A certificate
 * that chains to the trust store is therefore accepted for any host, which is weaker than
 * validating the identity of the HTTPS server. The setting was chosen for testing with
 * self-signed certificates or changing IP addresses; outside of testing,
 * {@code BROWSER_COMPATIBLE_HOSTNAME_VERIFIER} or {@code STRICT_HOSTNAME_VERIFIER} restores the
 * check.
 *
 * @return a TLS socket factory configured with the client store and the trust store
 * @throws Exception propagated from {@code KeyStoreUtil} or from the {@code SSLSocketFactory}
 *         constructor
 */
private SSLSocketFactory createSslSocketFactory() throws Exception {

    // Trust store: certificates accepted for the server side.
    final KeyStore trustedCerts = KeyStoreUtil.getTrustStore();

    // Client store: certificate and private key presented to the server.
    final KeyStore clientCredentials = KeyStoreUtil.getClientStore();

    // The factory verifies the server certificate chain against the trust store, but the last
    // argument makes it accept the certificate even when the host name does not match.
    return new SSLSocketFactory(
            SSLSocketFactory.TLS,
            clientCredentials,
            HttpConstants.CLIENTSTORE_KEYPASS,
            trustedCerts,
            null,
            (X509HostnameVerifier) SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
}

From source file:org.apache.brooklyn.launcher.BrooklynWebServerTest.java

/**
 * Starts the web server from the supplied properties and checks that a GET on its root URL
 * answers 200 over TLS with a client certificate.
 *
 * <p>The client factory uses {@code ALLOW_ALL_HOSTNAME_VERIFIER}, so the server certificate's
 * host name is not checked against the host being called. Keep that to tests that talk to a
 * locally started server.
 *
 * @param brooklynProperties properties handed to the management context; the HTTPS settings
 *        are expected to be set by the caller
 */
private void verifyHttpsFromConfig(BrooklynProperties brooklynProperties) throws Exception {
    webServer = new BrooklynWebServer(MutableMap.of(), newManagementContext(brooklynProperties));
    webServer.start();

    try {
        // Fixture stores: client.ks holds the client key, client.ts the certificates to trust.
        KeyStore clientKeys = load("client.ks", "password");
        KeyStore trustedCerts = load("client.ts", "password");

        // Last argument disables host name verification (test-only).
        SSLSocketFactory tlsFactory = new SSLSocketFactory(
                SSLSocketFactory.TLS,
                clientKeys,
                "password",
                trustedCerts,
                (SecureRandom) null,
                SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpToolResponse reply = HttpTool.execAndConsume(
                HttpTool.httpClientBuilder()
                        .port(webServer.getActualPort())
                        .https(true)
                        .socketFactory(tlsFactory)
                        .build(),
                new HttpGet(webServer.getRootUrl()));
        assertEquals(reply.getResponseCode(), 200);
    } finally {
        // Always release the port, even when the request or the assertion fails.
        webServer.stop();
    }
}

From source file:org.switchyard.component.resteasy.util.ClientInvoker.java

/**
 * Builds an {@link SSLSocketFactory} from the given SSL context configuration.
 *
 * <p>The configured verifier name selects the host name verifier: {@code ANY} accepts every
 * host name, {@code BROWSER} and {@code STRICT} select the corresponding checking verifiers.
 * The trust store and key store are loaded from the configured file paths when present.
 *
 * <p>NOTE(review): when no verifier is configured, or the value matches none of the three
 * names, {@code null} is passed to the constructor. What the constructor does with a null
 * verifier depends on the HttpClient version in use; confirm it does not amount to skipping
 * the host name check.
 *
 * @param sslContextConfig SSL settings, may be {@code null}
 * @return the configured factory, or {@code null} when {@code sslContextConfig} is {@code null}
 */
private SSLSocketFactory getSSLSocketFactory(SSLContextModel sslContextConfig) {
    if (sslContextConfig == null) {
        return null;
    }

    // Map the configured verifier name onto a verifier instance; unknown names leave it null.
    X509HostnameVerifier hostnameVerifier = null;
    if (sslContextConfig.getVerifier() != null) {
        if (sslContextConfig.getVerifier().equals(ANY)) {
            // ANY turns host name checking off entirely.
            hostnameVerifier = new AllowAllHostnameVerifier();
        } else if (sslContextConfig.getVerifier().equals(BROWSER)) {
            hostnameVerifier = new BrowserCompatHostnameVerifier();
        } else if (sslContextConfig.getVerifier().equals(STRICT)) {
            hostnameVerifier = new StrictHostnameVerifier();
        }
    }

    // Trust store: certificates accepted for the server side.
    KeyStore trustedCerts = null;
    if (sslContextConfig.getTruststore() != null) {
        FileInputStream trustIn = null;
        try {
            trustedCerts = KeyStore.getInstance(KeyStore.getDefaultType());
            trustIn = new FileInputStream(new File(sslContextConfig.getTruststore()));
            trustedCerts.load(trustIn, sslContextConfig.getTruststorePass().toCharArray());
        } catch (Exception e) {
            throw RestEasyMessages.MESSAGES.unexpectedExceptionLoadingTruststore(e);
        } finally {
            if (trustIn != null) {
                try {
                    trustIn.close();
                } catch (IOException ioe) {
                    // A failure here replaces any exception thrown while loading.
                    throw RestEasyMessages.MESSAGES.unexpectedExceptionClosingTruststore(ioe);
                }
            }
        }
    }

    // Key store: client certificate and private key.
    KeyStore clientKeys = null;
    if (sslContextConfig.getKeystore() != null) {
        FileInputStream keyIn = null;
        try {
            clientKeys = KeyStore.getInstance(KeyStore.getDefaultType());
            keyIn = new FileInputStream(new File(sslContextConfig.getKeystore()));
            clientKeys.load(keyIn, sslContextConfig.getKeystorePass().toCharArray());
        } catch (Exception e) {
            throw RestEasyMessages.MESSAGES.unexpectedExceptionLoadingKeystore(e);
        } finally {
            if (keyIn != null) {
                try {
                    keyIn.close();
                } catch (IOException ioe) {
                    // A failure here replaces any exception thrown while loading.
                    throw RestEasyMessages.MESSAGES.unexpectedExceptionClosingKeystore(ioe);
                }
            }
        }
    }

    try {
        // The key store password is also passed as the key password.
        return new SSLSocketFactory(SSLSocketFactory.TLS, clientKeys,
                sslContextConfig.getKeystorePass(), trustedCerts, null, hostnameVerifier);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}

From source file:org.jboss.as.test.manualmode.web.ssl.SSLTruststoreUtil.java

/**
 * Creates a {@link DefaultHttpClient} whose HTTPS schemes use the given trust store and, when
 * {@code keyStoreFile} is not {@code null}, the given client key store.
 *
 * <p>The socket factory is built with {@code ALLOW_ALL_HOSTNAME_VERIFIER}, so the server
 * certificate's host name is not checked against the host being called; this helper lives in
 * test code and should stay there.
 *
 * <p>NOTE(review): any failure while building the customised client is logged and a plain
 * {@code DefaultHttpClient} is returned instead. A caller cannot tell from the return value
 * that the trust store and client key were not applied, so the error log is the only signal.
 *
 * @param keyStoreFile client key store file, or {@code null} for no client key
 * @param keyStorePassword password for the key store, also passed as the key password
 * @param trustStoreFile trust store file
 * @param trustStorePassword password for the trust store
 * @return the customised client, or a default client when setup fails
 */
public static DefaultHttpClient getHttpClientWithSSL(File keyStoreFile, String keyStorePassword,
        File trustStoreFile, String trustStorePassword) {

    try {
        final KeyStore trustedCerts = loadKeyStore(trustStoreFile, trustStorePassword.toCharArray());

        final KeyStore clientKeys;
        if (keyStoreFile != null) {
            clientKeys = loadKeyStore(keyStoreFile, keyStorePassword.toCharArray());
        } else {
            clientKeys = null;
        }

        // Last argument disables host name verification (test-only).
        final SSLSocketFactory tlsFactory = new SSLSocketFactory(
                SSLSocketFactory.TLS,
                clientKeys,
                keyStorePassword,
                trustedCerts,
                null,
                SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpParams clientParams = new BasicHttpParams();

        // Plain HTTP for the management port, the TLS factory for every HTTPS port under test.
        SchemeRegistry schemes = new SchemeRegistry();
        schemes.register(new Scheme("http", CustomCLIExecutor.MANAGEMENT_HTTP_PORT,
                PlainSocketFactory.getSocketFactory()));
        schemes.register(new Scheme("https", CustomCLIExecutor.MANAGEMENT_HTTPS_PORT, tlsFactory));
        for (int httpsPort : HTTPSWebConnectorTestCase.HTTPS_PORTS) {
            schemes.register(new Scheme("https", httpsPort, tlsFactory));
        }

        return new DefaultHttpClient(new PoolingClientConnectionManager(schemes), clientParams);
    } catch (Exception e) {
        LOGGER.error(
                "Creating HttpClient with customized SSL failed. We are returning the default one instead.", e);
        return new DefaultHttpClient();
    }
}