List of usage examples for org.apache.http.conn.ssl SSLSocketFactory STRICT_HOSTNAME_VERIFIER
X509HostnameVerifier STRICT_HOSTNAME_VERIFIER
To view the source code for org.apache.http.conn.ssl SSLSocketFactory STRICT_HOSTNAME_VERIFIER.
Click Source Link
From source file:com.allstate.client.ssl.SSLUtils.java
public static SSLSocketFactory getMergedSocketFactory(Security securityOne, Security securityTwo) throws GeneralSecurityException { X509KeyManager keyManagerOne = getKeyManager(securityOne.getKeyStore(), securityOne.getKeyStorePassword()); X509KeyManager keyManagerTwo = getKeyManager(securityTwo.getKeyStore(), securityTwo.getKeyStorePassword()); X509TrustManager trustManager = getMultiTrustManager(getTrustManager(securityOne.getTrustStore()), getTrustManager(securityTwo.getTrustStore())); SSLContext context = SSLContext.getInstance(securityOne.getSslContextProtocol()); boolean strictHostVerification = securityOne.isStrictHostVerification() && securityTwo.isStrictHostVerification(); context.init(new KeyManager[] { keyManagerOne, keyManagerTwo }, new TrustManager[] { trustManager }, new SecureRandom()); X509HostnameVerifier verifier = strictHostVerification ? SSLSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; return new SSLSocketFactory(context, verifier); }
From source file:eu.nullbyte.android.urllib.CertPinningSSLSocketFactory.java
public CertPinningSSLSocketFactory(ClientCertificate clientCertificate, Certificate[] certificates) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException { super(null);/* w w w . j av a2 s .c o m*/ this.certificates = certificates; this.mClientCertificate = clientCertificate; setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); }
From source file:org.reficio.ws.client.ssl.SSLUtils.java
public static SSLSocketFactory getMergedSocketFactory(org.reficio.ws.client.core.Security securityOne, Security securityTwo) throws GeneralSecurityException { X509KeyManager keyManagerOne = getKeyManager(securityOne.getKeyStore(), securityOne.getKeyStorePassword()); X509KeyManager keyManagerTwo = getKeyManager(securityTwo.getKeyStore(), securityTwo.getKeyStorePassword()); X509TrustManager trustManager = getMultiTrustManager(getTrustManager(securityOne.getTrustStore()), getTrustManager(securityTwo.getTrustStore())); SSLContext context = SSLContext.getInstance(securityOne.getSslContextProtocol()); boolean strictHostVerification = securityOne.isStrictHostVerification() && securityTwo.isStrictHostVerification(); context.init(new KeyManager[] { keyManagerOne, keyManagerTwo }, new TrustManager[] { trustManager }, new SecureRandom()); X509HostnameVerifier verifier = strictHostVerification ? SSLSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; return new SSLSocketFactory(context, verifier); }
From source file:org.envirocar.app.network.HTTPClient.java
/** * setup a client instance with SSL/HTTPS capabilities. * //from ww w . j a v a2 s .co m * @param client the client to set up */ public static void setupClient(HttpClient client) { SSLSocketFactory factory = SSLSocketFactory.getSocketFactory(); factory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); client.getConnectionManager().getSchemeRegistry().register(new Scheme("https", factory, 443)); }
From source file:com.allstate.client.ssl.SSLUtils.java
public static SSLSocketFactory getFactory(Security security) throws GeneralSecurityException { X509HostnameVerifier verifier = security.isStrictHostVerification() ? SSLSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SSLSocketFactory socketFactory = new SSLSocketFactory(security.getSslContextProtocol(), security.getKeyStore(), security.getKeyStorePasswordAsString(), security.getTrustStore(), new SecureRandom(), null, verifier); return socketFactory; }
From source file:edu.rit.csh.androidwebnews.WebnewsHttpClient.java
/** * Makes the SSL cert work correctly./*from ww w .j a v a 2 s. com*/ * * @return SSLSocketFactory - provides the SSLFactory for communicating * with the scheme */ private SSLSocketFactory newSslSocketFactory() { try { // Get an instance of the Bouncy Castle KeyStore format KeyStore trusted = KeyStore.getInstance(KeyStore.getDefaultType()); trusted.load(null, null); // Pass the keystore to the SSLSocketFactory. The factory is responsible // for the verification of the server certificate. SSLSocketFactory sf = new WebnewsSocketFactory(trusted); // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { throw new AssertionError(e); } }
From source file:com.nesscomputing.tinyhttp.HttpFetcher.java
public HttpFetcher(final SSLConfig sslConfig) { params.setBooleanParameter(ClientPNames.HANDLE_REDIRECTS, true); registry.register(HTTP_SCHEME);//from ww w . j ava2 s.co m if (sslConfig != null && sslConfig.isSSLEnabled()) { try { final TrustManager[] trustManagers = new TrustManager[] { HttpsTrustManagerFactory.getTrustManager(sslConfig) }; final SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, trustManagers, null); final SSLSocketFactory sslSocketFactory = new SSLSocketFactory(sslContext, SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); registry.register(new Scheme("https", 443, sslSocketFactory)); LOG.debug("HTTPS enabled."); } catch (GeneralSecurityException ce) { throw Throwables.propagate(ce); } catch (IOException ioe) { throw Throwables.propagate(ioe); } } else { LOG.debug("HTTPS disabled."); } connectionManager = new SingleClientConnManager(registry); LOG.debug("HTTP fetcher ready."); }
From source file:edu.cwru.apo.TrustAPOHttpClient.java
private SSLSocketFactory newSslSocketFactory() { try {/* w w w . j a va 2s . c o m*/ // Get an instance of the Bouncy Castle KeyStore format KeyStore trusted = KeyStore.getInstance("BKS"); // Get the raw resource, which contains the keystore with // your trusted certificates (root and any intermediate certs) InputStream in = context.getResources().openRawResource(R.raw.keystore); try { // Initialize the keystore with the provided trusted certificates // Also provide the password of the keystore trusted.load(in, "mysecret".toCharArray()); } finally { in.close(); } // Pass the keystore to the SSLSocketFactory. The factory is responsible // for the verification of the server certificate. SSLSocketFactory sf = new SSLSocketFactory(trusted); // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { throw new AssertionError(e); } }
From source file:org.authme.android.util.AuthMeHttpClient.java
private SSLSocketFactory newSslSocketFactory() { try {//w w w . ja va2 s. c o m // Get an instance of the Bouncy Castle KeyStore format KeyStore trusted = KeyStore.getInstance("BKS"); // Could probably load the main keystore and then append, but this works trusted.load(null, null); InputStream is = context.getResources().openRawResource(R.raw.cacert_root); CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); Certificate certificate = certificateFactory.generateCertificate(is); trusted.setCertificateEntry("CACertRoot", certificate); // Now continue on using this keystore SSLSocketFactory sf = new SSLSocketFactory(trusted); // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { throw new AssertionError(e); } }
From source file:com.phonty.improved.PhontyHttpClient.java
private SSLSocketFactory newSslSocketFactory() { try {// w w w . j a va 2s . c om // Get an instance of the Bouncy Castle KeyStore format KeyStore trusted = KeyStore.getInstance("BKS"); // Get the raw resource, which contains the keystore with // your trusted certificates (root and any intermediate certs) InputStream in = context.getResources().openRawResource(R.raw.keystore); try { // Initialize the keystore with the provided trusted certificates // Also provide the password of the keystore trusted.load(in, "pqoeponkjlcnvkjenenobnervoerovneokrnvoie".toCharArray()); } finally { in.close(); } // Pass the keystore to the SSLSocketFactory. The factory is responsible // for the verification of the server certificate. SSLSocketFactory sf = new SSLSocketFactory(trusted); // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { throw new AssertionError(e); } }