List of usage examples for org.apache.http.nio.conn.ssl SSLIOSessionStrategy SSLIOSessionStrategy
public SSLIOSessionStrategy(final SSLContext sslcontext, final HostnameVerifier hostnameVerifier)
From source file:httpasync.AsyncClientConfiguration.java
public final static void main(String[] args) throws Exception { // Use custom message parser / writer to customize the way HTTP // messages are parsed from and written out to the data stream. NHttpMessageParserFactory<HttpResponse> responseParserFactory = new DefaultHttpResponseParserFactory() { @Override//from w w w . j av a 2 s.co m public NHttpMessageParser<HttpResponse> create(final SessionInputBuffer buffer, final MessageConstraints constraints) { LineParser lineParser = new BasicLineParser() { @Override public Header parseHeader(final CharArrayBuffer buffer) { try { return super.parseHeader(buffer); } catch (ParseException ex) { return new BasicHeader(buffer.toString(), null); } } }; return new DefaultHttpResponseParser(buffer, lineParser, DefaultHttpResponseFactory.INSTANCE, constraints); } }; NHttpMessageWriterFactory<HttpRequest> requestWriterFactory = new DefaultHttpRequestWriterFactory(); // Use a custom connection factory to customize the process of // initialization of outgoing HTTP connections. Beside standard connection // configuration parameters HTTP connection factory can define message // parser / writer routines to be employed by individual connections. NHttpConnectionFactory<ManagedNHttpClientConnection> connFactory = new ManagedNHttpClientConnectionFactory( requestWriterFactory, responseParserFactory, HeapByteBufferAllocator.INSTANCE); // Client HTTP connection objects when fully initialized can be bound to // an arbitrary network socket. The process of network socket initialization, // its connection to a remote address and binding to a local one is controlled // by a connection socket factory. // SSL context for secure connections can be created either based on // system or application specific properties. SSLContext sslcontext = SSLContexts.createSystemDefault(); // Use custom hostname verifier to customize SSL hostname verification. HostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); // Create a registry of custom connection session strategies for supported // protocol schemes. Registry<SchemeIOSessionStrategy> sessionStrategyRegistry = RegistryBuilder .<SchemeIOSessionStrategy>create().register("http", NoopIOSessionStrategy.INSTANCE) .register("https", new SSLIOSessionStrategy(sslcontext, hostnameVerifier)).build(); // Use custom DNS resolver to override the system DNS resolution. DnsResolver dnsResolver = new SystemDefaultDnsResolver() { @Override public InetAddress[] resolve(final String host) throws UnknownHostException { if (host.equalsIgnoreCase("myhost")) { return new InetAddress[] { InetAddress.getByAddress(new byte[] { 127, 0, 0, 1 }) }; } else { return super.resolve(host); } } }; // Create I/O reactor configuration IOReactorConfig ioReactorConfig = IOReactorConfig.custom() .setIoThreadCount(Runtime.getRuntime().availableProcessors()).setConnectTimeout(30000) .setSoTimeout(30000).build(); // Create a custom I/O reactort ConnectingIOReactor ioReactor = new DefaultConnectingIOReactor(ioReactorConfig); // Create a connection manager with custom configuration. PoolingNHttpClientConnectionManager connManager = new PoolingNHttpClientConnectionManager(ioReactor, connFactory, sessionStrategyRegistry, dnsResolver); // Create message constraints MessageConstraints messageConstraints = MessageConstraints.custom().setMaxHeaderCount(200) .setMaxLineLength(2000).build(); // Create connection configuration ConnectionConfig connectionConfig = ConnectionConfig.custom() .setMalformedInputAction(CodingErrorAction.IGNORE) .setUnmappableInputAction(CodingErrorAction.IGNORE).setCharset(Consts.UTF_8) .setMessageConstraints(messageConstraints).build(); // Configure the connection manager to use connection configuration either // by default or for a specific host. connManager.setDefaultConnectionConfig(connectionConfig); connManager.setConnectionConfig(new HttpHost("somehost", 80), ConnectionConfig.DEFAULT); // Configure total max or per route limits for persistent connections // that can be kept in the pool or leased by the connection manager. connManager.setMaxTotal(100); connManager.setDefaultMaxPerRoute(10); connManager.setMaxPerRoute(new HttpRoute(new HttpHost("somehost", 80)), 20); // Use custom cookie store if necessary. CookieStore cookieStore = new BasicCookieStore(); // Use custom credentials provider if necessary. CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); // Create global request configuration RequestConfig defaultRequestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.DEFAULT) .setExpectContinueEnabled(true) .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST)) .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).build(); // Create an HttpClient with the given custom dependencies and configuration. CloseableHttpAsyncClient httpclient = HttpAsyncClients.custom().setConnectionManager(connManager) .setDefaultCookieStore(cookieStore).setDefaultCredentialsProvider(credentialsProvider) // .setProxy(new HttpHost("myproxy", 8080)) .setDefaultRequestConfig(defaultRequestConfig).build(); try { // HttpGet httpget = new HttpGet("http://localhost/"); HttpGet httpget = new HttpGet("https://jdev.jimubox.com/logstash/#/dashboard/elasticsearch/stockNginx"); // Request configuration can be overridden at the request level. // They will take precedence over the one set at the client level. RequestConfig requestConfig = RequestConfig.copy(defaultRequestConfig).setSocketTimeout(5000) .setConnectTimeout(5000).setConnectionRequestTimeout(5000) // .setProxy(new HttpHost("myotherproxy", 8080)) .build(); httpget.setConfig(requestConfig); // Execution context can be customized locally. HttpClientContext localContext = HttpClientContext.create(); // Contextual attributes set the local context level will take // precedence over those set at the client level. localContext.setCookieStore(cookieStore); localContext.setCredentialsProvider(credentialsProvider); System.out.println("Executing request " + httpget.getRequestLine()); httpclient.start(); // Pass local context as a parameter Future<HttpResponse> future = httpclient.execute(httpget, localContext, null); // Please note that it may be unsafe to access HttpContext instance // while the request is still being executed HttpResponse response = future.get(); System.out.println("Response: " + response.getStatusLine()); // Once the request has been executed the local context can // be used to examine updated state and various objects affected // by the request execution. // Last executed request localContext.getRequest(); // Execution route localContext.getHttpRoute(); // Target auth state localContext.getTargetAuthState(); // Proxy auth state localContext.getTargetAuthState(); // Cookie origin localContext.getCookieOrigin(); // Cookie spec used localContext.getCookieSpec(); // User security token localContext.getUserToken(); } finally { httpclient.close(); } }
From source file:com.boonya.http.async.examples.nio.client.AsyncClientConfiguration.java
public final static void main(String[] args) throws Exception { // Use custom message parser / writer to customize the way HTTP // messages are parsed from and written out to the data stream. NHttpMessageParserFactory<HttpResponse> responseParserFactory = new DefaultHttpResponseParserFactory() { @Override//w ww . j a v a 2 s. c o m public NHttpMessageParser<HttpResponse> create(final SessionInputBuffer buffer, final MessageConstraints constraints) { LineParser lineParser = new BasicLineParser() { @Override public Header parseHeader(final CharArrayBuffer buffer) { try { return super.parseHeader(buffer); } catch (ParseException ex) { return new BasicHeader(buffer.toString(), null); } } }; return new DefaultHttpResponseParser(buffer, lineParser, DefaultHttpResponseFactory.INSTANCE, constraints); } }; NHttpMessageWriterFactory<HttpRequest> requestWriterFactory = new DefaultHttpRequestWriterFactory(); // Use a custom connection factory to customize the process of // initialization of outgoing HTTP connections. Beside standard connection // configuration parameters HTTP connection factory can define message // parser / writer routines to be employed by individual connections. NHttpConnectionFactory<ManagedNHttpClientConnection> connFactory = new ManagedNHttpClientConnectionFactory( requestWriterFactory, responseParserFactory, HeapByteBufferAllocator.INSTANCE); // Client HTTP connection objects when fully initialized can be bound to // an arbitrary network socket. The process of network socket initialization, // its connection to a remote address and binding to a local one is controlled // by a connection socket factory. // SSL context for secure connections can be created either based on // system or application specific properties. SSLContext sslcontext = SSLContexts.createSystemDefault(); // Use custom hostname verifier to customize SSL hostname verification. HostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); // Create a registry of custom connection session strategies for supported // protocol schemes. Registry<SchemeIOSessionStrategy> sessionStrategyRegistry = RegistryBuilder .<SchemeIOSessionStrategy>create().register("http", NoopIOSessionStrategy.INSTANCE) .register("https", new SSLIOSessionStrategy(sslcontext, hostnameVerifier)).build(); // Use custom DNS resolver to override the system DNS resolution. DnsResolver dnsResolver = new SystemDefaultDnsResolver() { @Override public InetAddress[] resolve(final String host) throws UnknownHostException { if (host.equalsIgnoreCase("myhost")) { return new InetAddress[] { InetAddress.getByAddress(new byte[] { 127, 0, 0, 1 }) }; } else { return super.resolve(host); } } }; // Create I/O reactor configuration IOReactorConfig ioReactorConfig = IOReactorConfig.custom() .setIoThreadCount(Runtime.getRuntime().availableProcessors()).setConnectTimeout(30000) .setSoTimeout(30000).build(); // Create a custom I/O reactort ConnectingIOReactor ioReactor = new DefaultConnectingIOReactor(ioReactorConfig); // Create a connection manager with custom configuration. PoolingNHttpClientConnectionManager connManager = new PoolingNHttpClientConnectionManager(ioReactor, connFactory, sessionStrategyRegistry, dnsResolver); // Create message constraints MessageConstraints messageConstraints = MessageConstraints.custom().setMaxHeaderCount(200) .setMaxLineLength(2000).build(); // Create connection configuration ConnectionConfig connectionConfig = ConnectionConfig.custom() .setMalformedInputAction(CodingErrorAction.IGNORE) .setUnmappableInputAction(CodingErrorAction.IGNORE).setCharset(Consts.UTF_8) .setMessageConstraints(messageConstraints).build(); // Configure the connection manager to use connection configuration either // by default or for a specific host. connManager.setDefaultConnectionConfig(connectionConfig); connManager.setConnectionConfig(new HttpHost("somehost", 80), ConnectionConfig.DEFAULT); // Configure total max or per route limits for persistent connections // that can be kept in the pool or leased by the connection manager. connManager.setMaxTotal(100); connManager.setDefaultMaxPerRoute(10); connManager.setMaxPerRoute(new HttpRoute(new HttpHost("somehost", 80)), 20); // Use custom cookie store if necessary. CookieStore cookieStore = new BasicCookieStore(); // Use custom credentials provider if necessary. CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); // Create global request configuration RequestConfig defaultRequestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.DEFAULT) .setExpectContinueEnabled(true) .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST)) .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).build(); // Create an HttpClient with the given custom dependencies and configuration. CloseableHttpAsyncClient httpclient = HttpAsyncClients.custom().setConnectionManager(connManager) .setDefaultCookieStore(cookieStore).setDefaultCredentialsProvider(credentialsProvider) .setProxy(new HttpHost("myproxy", 8080)).setDefaultRequestConfig(defaultRequestConfig).build(); try { HttpGet httpget = new HttpGet("http://localhost/"); // Request configuration can be overridden at the request level. // They will take precedence over the one set at the client level. RequestConfig requestConfig = RequestConfig.copy(defaultRequestConfig).setSocketTimeout(5000) .setConnectTimeout(5000).setConnectionRequestTimeout(5000) .setProxy(new HttpHost("myotherproxy", 8080)).build(); httpget.setConfig(requestConfig); // Execution context can be customized locally. HttpClientContext localContext = HttpClientContext.create(); // Contextual attributes set the local context level will take // precedence over those set at the client level. localContext.setCookieStore(cookieStore); localContext.setCredentialsProvider(credentialsProvider); System.out.println("Executing request " + httpget.getRequestLine()); httpclient.start(); // Pass local context as a parameter Future<HttpResponse> future = httpclient.execute(httpget, localContext, null); // Please note that it may be unsafe to access HttpContext instance // while the request is still being executed HttpResponse response = future.get(); System.out.println("Response: " + response.getStatusLine()); // Once the request has been executed the local context can // be used to examine updated state and various objects affected // by the request execution. // Last executed request localContext.getRequest(); // Execution route localContext.getHttpRoute(); // Target auth state localContext.getTargetAuthState(); // Proxy auth state localContext.getTargetAuthState(); // Cookie origin localContext.getCookieOrigin(); // Cookie spec used localContext.getCookieSpec(); // User security token localContext.getUserToken(); } finally { httpclient.close(); } }
From source file:afred.javademo.httpclient.official.AsyncClientConfiguration.java
public final static void main(String[] args) throws Exception { // Use custom message parser / writer to customize the way HTTP // messages are parsed from and written out to the data stream. NHttpMessageParserFactory<HttpResponse> responseParserFactory = new DefaultHttpResponseParserFactory() { @Override/*from www. j a v a2s . c om*/ public NHttpMessageParser<HttpResponse> create(final SessionInputBuffer buffer, final MessageConstraints constraints) { LineParser lineParser = new BasicLineParser() { @Override public Header parseHeader(final CharArrayBuffer buffer) { try { return super.parseHeader(buffer); } catch (ParseException ex) { return new BasicHeader(buffer.toString(), null); } } }; return new DefaultHttpResponseParser(buffer, lineParser, DefaultHttpResponseFactory.INSTANCE, constraints); } }; NHttpMessageWriterFactory<HttpRequest> requestWriterFactory = new DefaultHttpRequestWriterFactory(); // Use a custom connection factory to customize the process of // initialization of outgoing HTTP connections. Beside standard connection // configuration parameters HTTP connection factory can define message // parser / writer routines to be employed by individual connections. NHttpConnectionFactory<ManagedNHttpClientConnection> connFactory = new ManagedNHttpClientConnectionFactory( requestWriterFactory, responseParserFactory, HeapByteBufferAllocator.INSTANCE); // Client HTTP connection objects when fully initialized can be bound to // an arbitrary network socket. The process of network socket initialization, // its connection to a remote address and binding to a local one is controlled // by a connection socket factory. // SSL context for secure connections can be created either based on // system or application specific properties. SSLContext sslcontext = SSLContexts.createSystemDefault(); // Use custom hostname verifier to customize SSL hostname verification. X509HostnameVerifier hostnameVerifier = new BrowserCompatHostnameVerifier(); // Create a registry of custom connection session strategies for supported // protocol schemes. Registry<SchemeIOSessionStrategy> sessionStrategyRegistry = RegistryBuilder .<SchemeIOSessionStrategy>create().register("http", NoopIOSessionStrategy.INSTANCE) .register("https", new SSLIOSessionStrategy(sslcontext, hostnameVerifier)).build(); // Use custom DNS resolver to override the system DNS resolution. DnsResolver dnsResolver = new SystemDefaultDnsResolver() { @Override public InetAddress[] resolve(final String host) throws UnknownHostException { if (host.equalsIgnoreCase("myhost")) { return new InetAddress[] { InetAddress.getByAddress(new byte[] { 127, 0, 0, 1 }) }; } else { return super.resolve(host); } } }; // Create I/O reactor configuration IOReactorConfig ioReactorConfig = IOReactorConfig.custom() .setIoThreadCount(Runtime.getRuntime().availableProcessors()).setConnectTimeout(30000) .setSoTimeout(30000).build(); // Create a custom I/O reactort ConnectingIOReactor ioReactor = new DefaultConnectingIOReactor(ioReactorConfig); // Create a connection manager with custom configuration. PoolingNHttpClientConnectionManager connManager = new PoolingNHttpClientConnectionManager(ioReactor, connFactory, sessionStrategyRegistry, dnsResolver); // Create message constraints MessageConstraints messageConstraints = MessageConstraints.custom().setMaxHeaderCount(200) .setMaxLineLength(2000).build(); // Create connection configuration ConnectionConfig connectionConfig = ConnectionConfig.custom() .setMalformedInputAction(CodingErrorAction.IGNORE) .setUnmappableInputAction(CodingErrorAction.IGNORE).setCharset(Consts.UTF_8) .setMessageConstraints(messageConstraints).build(); // Configure the connection manager to use connection configuration either // by default or for a specific host. connManager.setDefaultConnectionConfig(connectionConfig); connManager.setConnectionConfig(new HttpHost("somehost", 80), ConnectionConfig.DEFAULT); // Configure total max or per route limits for persistent connections // that can be kept in the pool or leased by the connection manager. connManager.setMaxTotal(100); connManager.setDefaultMaxPerRoute(10); connManager.setMaxPerRoute(new HttpRoute(new HttpHost("somehost", 80)), 20); // Use custom cookie store if necessary. CookieStore cookieStore = new BasicCookieStore(); // Use custom credentials provider if necessary. CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); // Create global request configuration RequestConfig defaultRequestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.BEST_MATCH) .setExpectContinueEnabled(true).setStaleConnectionCheckEnabled(true) .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST)) .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).build(); // Create an HttpClient with the given custom dependencies and configuration. CloseableHttpAsyncClient httpclient = HttpAsyncClients.custom().setConnectionManager(connManager) .setDefaultCookieStore(cookieStore).setDefaultCredentialsProvider(credentialsProvider) .setProxy(new HttpHost("myproxy", 8080)).setDefaultRequestConfig(defaultRequestConfig).build(); try { HttpGet httpget = new HttpGet("http://localhost/"); // Request configuration can be overridden at the request level. // They will take precedence over the one set at the client level. RequestConfig requestConfig = RequestConfig.copy(defaultRequestConfig).setSocketTimeout(5000) .setConnectTimeout(5000).setConnectionRequestTimeout(5000) .setProxy(new HttpHost("myotherproxy", 8080)).build(); httpget.setConfig(requestConfig); // Execution context can be customized locally. HttpClientContext localContext = HttpClientContext.create(); // Contextual attributes set the local context level will take // precedence over those set at the client level. localContext.setCookieStore(cookieStore); localContext.setCredentialsProvider(credentialsProvider); System.out.println("Executing request " + httpget.getRequestLine()); httpclient.start(); // Pass local context as a parameter Future<HttpResponse> future = httpclient.execute(httpget, localContext, null); // Please note that it may be unsafe to access HttpContext instance // while the request is still being executed HttpResponse response = future.get(); System.out.println("Response: " + response.getStatusLine()); // Once the request has been executed the local context can // be used to examine updated state and various objects affected // by the request execution. // Last executed request localContext.getRequest(); // Execution route localContext.getHttpRoute(); // Target auth state localContext.getTargetAuthState(); // Proxy auth state localContext.getTargetAuthState(); // Cookie origin localContext.getCookieOrigin(); // Cookie spec used localContext.getCookieSpec(); // User security token localContext.getUserToken(); } finally { httpclient.close(); } }
From source file:securitytools.common.http.HttpClientFactory.java
public static CloseableHttpAsyncClient buildAsync(ClientConfiguration clientConfiguration) throws NoSuchAlgorithmException { HttpAsyncClientBuilder builder = HttpAsyncClients.custom(); // Certificate Validation // TODO/*from w w w . ja v a 2 s . c om*/ if (clientConfiguration.isCertificateValidationEnabled()) { builder.setSSLStrategy(new SSLIOSessionStrategy(SSLContext.getDefault(), SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER)); } else { // Disable SSLIOSessionStrategy sslStrategy = new SSLIOSessionStrategy(SSLContext.getDefault(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); builder.setSSLStrategy(sslStrategy); } // Timeouts RequestConfig.Builder requestConfigBuilder = RequestConfig.custom(); requestConfigBuilder.setConnectTimeout(clientConfiguration.getConnectionTimeout()); requestConfigBuilder.setConnectionRequestTimeout(clientConfiguration.getConnectionTimeout()); requestConfigBuilder.setSocketTimeout(clientConfiguration.getSocketTimeout()); builder.setDefaultRequestConfig(requestConfigBuilder.build()); // User Agent builder.setUserAgent(clientConfiguration.getUserAgent()); // Proxy if (clientConfiguration.getProxyHost() != null) { builder.setProxy(clientConfiguration.getProxyHost()); } return builder.build(); }
From source file:org.elasticsearch.xpack.ssl.SSLClientAuthTests.java
public void testThatHttpFailsWithoutSslClientAuth() throws IOException { SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(SSLContexts.createDefault(), NoopHostnameVerifier.INSTANCE); try (RestClient restClient = createRestClient( httpClientBuilder -> httpClientBuilder.setSSLStrategy(sessionStrategy), "https")) { restClient.performRequest("GET", "/"); fail("Expected SSLHandshakeException"); } catch (IOException e) { Throwable t = ExceptionsHelper.unwrap(e, CertPathBuilderException.class); assertThat(t, instanceOf(CertPathBuilderException.class)); assertThat(t.getMessage(),//from w ww. j av a 2 s .c o m containsString("unable to find valid certification path to requested target")); } }
From source file:org.elasticsearch.xpack.ssl.SSLClientAuthTests.java
public void testThatHttpWorksWithSslClientAuth() throws IOException { SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(getSSLContext(), NoopHostnameVerifier.INSTANCE); try (RestClient restClient = createRestClient( httpClientBuilder -> httpClientBuilder.setSSLStrategy(sessionStrategy), "https")) { Response response = restClient.performRequest("GET", "/", new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword()))); assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search")); }//from w ww.j a v a2 s .co m }
From source file:org.appenders.log4j2.elasticsearch.jest.JKSCertInfo.java
@Override public void applyTo(HttpClientConfig.Builder clientConfigBuilder) { try (FileInputStream keystoreFile = new FileInputStream(new File(keystorePath)); FileInputStream truststoreFile = new FileInputStream(new File(truststorePath))) { KeyStore keyStore = KeyStore.getInstance("jks"); keyStore.load(keystoreFile, keystorePassword.toCharArray()); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, keystorePassword.toCharArray()); KeyStore trustStore = KeyStore.getInstance("jks"); trustStore.load(truststoreFile, truststorePassword.toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); // TODO: add support for hostname verification modes clientConfigBuilder.sslSocketFactory(new SSLConnectionSocketFactory(sslContext)); clientConfigBuilder/*from w w w .jav a 2 s .c o m*/ .httpsIOSessionStrategy(new SSLIOSessionStrategy(sslContext, new NoopHostnameVerifier())); } catch (IOException | GeneralSecurityException e) { throw new ConfigurationException(configExceptionMessage, e); } }
From source file:org.appenders.log4j2.elasticsearch.jest.PEMCertInfo.java
@Override public void applyTo(HttpClientConfig.Builder builder) { if (java.security.Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); }//from w ww . j ava2s . c o m try (FileInputStream clientCert = new FileInputStream(new File(clientCertPath)); FileInputStream key = new FileInputStream(new File(keyPath)); FileInputStream certificateAuthoritiies = new FileInputStream(new File(caPath))) { KeyStore keyStore = PemReader.loadKeyStore(clientCert, key, Optional.ofNullable(keyPassphrase)); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, keyPassphrase.toCharArray()); KeyStore trustStore = PemReader.loadTrustStore(certificateAuthoritiies); TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); // TODO: add support for hostname verification modes builder.sslSocketFactory(new SSLConnectionSocketFactory(sslContext)); builder.httpsIOSessionStrategy(new SSLIOSessionStrategy(sslContext, new NoopHostnameVerifier())); } catch (IOException | GeneralSecurityException e) { throw new ConfigurationException(configExceptionMessage, e); } }
From source file:io.apiman.manager.api.es.DefaultEsClientFactory.java
/** * @param httpConfig/*from w w w .j a va2s. c om*/ */ @SuppressWarnings("nls") private void updateSslConfig(Builder httpConfig) { try { String clientKeystorePath = getConfig().get("client-keystore"); String clientKeystorePassword = getConfig().get("client-keystore.password"); String trustStorePath = getConfig().get("trust-store"); String trustStorePassword = getConfig().get("trust-store.password"); SSLContext sslContext = SSLContext.getInstance("TLS"); Info kPathInfo = new Info(clientKeystorePath, clientKeystorePassword); Info tPathInfo = new Info(trustStorePath, trustStorePassword); sslContext.init(KeyStoreUtil.getKeyManagers(kPathInfo), KeyStoreUtil.getTrustManagers(tPathInfo), null); HostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); SchemeIOSessionStrategy httpsIOSessionStrategy = new SSLIOSessionStrategy(sslContext, hostnameVerifier); httpConfig.defaultSchemeForDiscoveredNodes("https"); httpConfig.sslSocketFactory(sslSocketFactory); // for sync calls httpConfig.httpsIOSessionStrategy(httpsIOSessionStrategy); // for async calls } catch (Exception e) { throw new RuntimeException(e); } }
From source file:org.apache.zeppelin.notebook.repo.zeppelinhub.rest.HttpProxyClient.java
private PoolingNHttpClientConnectionManager getAsyncConnectionManager() { ConnectingIOReactor ioReactor = null; PoolingNHttpClientConnectionManager cm = null; try {//from w ww .j ava 2 s.c o m ioReactor = new DefaultConnectingIOReactor(); // ssl setup SSLContext sslcontext = SSLContexts.createSystemDefault(); X509HostnameVerifier hostnameVerifier = new BrowserCompatHostnameVerifier(); @SuppressWarnings("deprecation") Registry<SchemeIOSessionStrategy> sessionStrategyRegistry = RegistryBuilder .<SchemeIOSessionStrategy>create().register("http", NoopIOSessionStrategy.INSTANCE) .register("https", new SSLIOSessionStrategy(sslcontext, hostnameVerifier)).build(); cm = new PoolingNHttpClientConnectionManager(ioReactor, sessionStrategyRegistry); } catch (IOReactorException e) { LOG.error("Couldn't initialize multi-threaded async client ", e); return null; } return cm; }