List of usage examples for org.apache.http.ssl SSLContextBuilder build
public SSLContext build() throws NoSuchAlgorithmException, KeyManagementException
From source file:de.zazaz.iot.bosch.indego.ifttt.IftttIndegoAdapter.java
/** * This creates a HTTP client instance for connecting the IFTTT server. * //from w w w . j a v a 2 s .co m * @return the HTTP client instance */ private CloseableHttpClient buildHttpClient() { if (configuration.isIftttIgnoreServerCertificate()) { try { SSLContextBuilder builder = new SSLContextBuilder(); builder.loadTrustMaterial(new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] chain_, String authType_) throws CertificateException { return true; } }); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build()); return HttpClients.custom().setSSLSocketFactory(sslsf).build(); } catch (Exception ex) { LOG.error(ex); // This should never happen, but we have to handle it throw new RuntimeException(ex); } } else { return HttpClients.createDefault(); } }
From source file:org.ulyssis.ipp.publisher.HttpOutput.java
private SSLContext createSslCustomContext() { try {//from w w w .ja v a 2s . c o m SSLContextBuilder builder = SSLContexts.custom(); if (options.getKeystore().isPresent()) { KeyStore cks = KeyStore.getInstance(KeyStore.getDefaultType()); cks.load(new FileInputStream(options.getKeystore().get().toFile()), options.getKeystorePass().toCharArray()); builder.loadKeyMaterial(cks, options.getKeystorePass().toCharArray()); } if (options.getTruststore().isPresent()) { KeyStore tks = KeyStore.getInstance(KeyStore.getDefaultType()); tks.load(new FileInputStream(options.getTruststore().get().toFile()), options.getTruststorePass().toCharArray()); builder.loadTrustMaterial(tks, new TrustSelfSignedStrategy()); } if (!options.getKeystore().isPresent() && !options.getKeystore().isPresent()) { return SSLContext.getDefault(); } return builder.build(); } catch (Exception e) { // TODO: DO SOMETHING WITH THE EXCEPTION! LOG.error("Exception", e); } return null; }
From source file:com.lehman.ic9.net.httpClient.java
/** * Build client method is used initialize the HTTP client and is * called from perform request./*from w ww .j av a 2 s .c o m*/ * @param httpGet is a HttpRequest object with the request. * @throws NoSuchAlgorithmException Exception * @throws KeyStoreException Exception * @throws KeyManagementException Exception * @throws AuthenticationException Exception */ private void buildClient(HttpRequest httpGet) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, AuthenticationException { this.hcb = HttpClients.custom(); this.hcb.setDefaultCookieStore(this.cs); this.hcb.setDefaultCredentialsProvider(this.cp); this.hcb.setDefaultRequestConfig(this.rcb.build()); if (this.allowSelfSigned) { SSLContextBuilder sslBuilder = new SSLContextBuilder(); sslBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslBuilder.build(), SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); this.hcb.setSSLSocketFactory(sslsf); } this.buildAuth(httpGet); if (this.tcpNoDelay) { SocketConfig socketConfig = SocketConfig.custom().setTcpNoDelay(true).build(); this.hcb.setDefaultSocketConfig(socketConfig); } this.cli = hcb.build(); }
From source file:com.liferay.petra.json.web.service.client.BaseJSONWebServiceClientImpl.java
protected SSLIOSessionStrategy getSSLIOSessionStrategy() { SSLContextBuilder sslContextBuilder = SSLContexts.custom(); SSLContext sslContext = null; try {//from www . j a v a 2 s. c o m sslContextBuilder.loadTrustMaterial(_keyStore, new TrustSelfSignedStrategy()); sslContext = sslContextBuilder.build(); sslContext.init(null, new TrustManager[] { new X509TrustManagerImpl() }, null); } catch (Exception e) { throw new RuntimeException(e); } return new SSLIOSessionStrategy(sslContext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); }
From source file:com.ibm.og.client.ApacheClient.java
private SSLSocketFactory createSSLSocketFactory() { final SSLContextBuilder builder = SSLContextBuilder.create(); configureKeyStores(builder);/*from w w w .j av a2 s . c o m*/ configureTrustStores(builder); try { return builder.build().getSocketFactory(); } catch (final Exception e) { throw new RuntimeException(e); } }
From source file:org.apache.camel.component.etcd.EtcdEndpoint.java
@Override protected void doStart() throws Exception { if ((configuration.getTrustSelfsigned() == true) || (configuration.getCaFile() != null) || (configuration.getKeyFile() != null)) { // Need to create a custom httpclient since we need to change the SSL information. SSLContextBuilder builder = new SSLContextBuilder(); if (configuration.getTrustSelfsigned() == true) { // Don't need to look at the CA file since we are going to trust anyhow. final TrustStrategy acceptingTrustStrategy = new TrustStrategy() { @Override/*w ww . ja v a 2 s .c o m*/ public boolean isTrusted(X509Certificate[] certificate, String authType) { return true; } }; builder.loadTrustMaterial(acceptingTrustStrategy); } else { if (configuration.getCaFile() != null) { builder.loadTrustMaterial(new File(configuration.getCaFile())); } } // Now check if there are any private keys. if (configuration.getKeyFile() != null) { builder.loadKeyMaterial(new File(configuration.getKeyFile()), null, null); } //SSLSocketFactory socketfactory = SSLSocketFactory(builder.build()); final CloseableHttpAsyncClient httpClient = HttpAsyncClients.custom().setSSLContext(builder.build()) .build(); etcdClient = new EtcdClient(configuration.makeURI()); } else { etcdClient = new EtcdClient(configuration.makeURI()); } }
From source file:com.thinkbiganalytics.nifi.v2.core.metadata.MetadataProviderSelectorService.java
/** * Taken from NiFi GetHttp Processor//from w ww . j a v a 2s . com */ private SSLContext createSSLContext(final SSLContextService service) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, UnrecoverableKeyException { final SSLContextBuilder sslContextBuilder = new SSLContextBuilder(); if (StringUtils.isNotBlank(service.getTrustStoreFile())) { final KeyStore truststore = KeyStore.getInstance(service.getTrustStoreType()); try (final InputStream in = new FileInputStream(new File(service.getTrustStoreFile()))) { truststore.load(in, service.getTrustStorePassword().toCharArray()); } sslContextBuilder.loadTrustMaterial(truststore, new TrustSelfSignedStrategy()); } if (StringUtils.isNotBlank(service.getKeyStoreFile())) { final KeyStore keystore = KeyStore.getInstance(service.getKeyStoreType()); try (final InputStream in = new FileInputStream(new File(service.getKeyStoreFile()))) { keystore.load(in, service.getKeyStorePassword().toCharArray()); } sslContextBuilder.loadKeyMaterial(keystore, service.getKeyStorePassword().toCharArray()); } sslContextBuilder.useProtocol(service.getSslAlgorithm()); return sslContextBuilder.build(); }
From source file:org.commonjava.util.jhttpc.HttpFactory.java
private SSLConnectionSocketFactory createSSLSocketFactory(final SiteConfig location) throws JHttpCException { SSLConnectionSocketFactory fac = (SSLConnectionSocketFactory) location.getAttribute(SSL_FACTORY_ATTRIB); if (fac != null) { return fac; }/* www . j a va2s. com*/ KeyStore ks = null; KeyStore ts = null; final String kcPem = location.getKeyCertPem(); final String kcPass = passwords.lookup(new PasswordKey(location, PasswordType.KEY)); if (kcPem != null) { logger.debug("Adding client key/certificate from: {}", location); if (kcPass == null || kcPass.length() < 1) { logger.error("Invalid configuration. Location: {} cannot have an empty key password!", location.getUri()); throw new JHttpCException( "Location: " + location.getUri() + " is misconfigured! Key password cannot be empty."); } try { logger.trace("Reading Client SSL key from:\n\n{}\n\n", kcPem); ks = SSLUtils.readKeyAndCert(kcPem, kcPass); logger.trace("Keystore contains the following certificates: {}", new CertEnumerator(ks, kcPass)); } catch (final CertificateException e) { logger.error(String.format( "Invalid configuration. Location: %s has an invalid client certificate! Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final KeyStoreException e) { logger.error(String.format( "Invalid configuration. Cannot initialize keystore for repository: %s. Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final NoSuchAlgorithmException e) { logger.error(String.format( "Invalid configuration. Cannot initialize keystore for repository: %s. Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final InvalidKeySpecException e) { logger.error( String.format("Invalid configuration. Invalid client key for repository: %s. Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (IOException e) { throw new JHttpCException("Failed to read client SSL key/certificate from: %s. Reason: %s", e, location, e.getMessage()); } catch (JHttpCException e) { throw new JHttpCException("Failed to read client SSL key/certificate from: %s. Reason: %s", e, location, e.getMessage()); } } else { logger.debug("No client key/certificate found"); } final String sPem = location.getServerCertPem(); // logger.debug( "Server certificate PEM:\n{}", sPem ); if (sPem != null) { logger.debug("Loading TrustStore (server SSL) information from: {}", location); try { logger.trace("Reading Server SSL cert from:\n\n{}\n\n", sPem); ts = SSLUtils.decodePEMTrustStore(sPem, location.getHost()); logger.trace("Trust store contains the following certificates:\n{}", new CertEnumerator(ts, null)); } catch (final CertificateException e) { logger.error(String.format( "Invalid configuration. Location: %s has an invalid server certificate! Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final KeyStoreException e) { logger.error(String.format( "Invalid configuration. Cannot initialize keystore for repository: %s. Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final NoSuchAlgorithmException e) { logger.error(String.format( "Invalid configuration. Cannot initialize keystore for repository: %s. Error: %s", location.getUri(), e.getMessage()), e); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (IOException e) { throw new JHttpCException( "Failed to read server SSL certificate(s) (or couldn't parse server hostname) from: %s. Reason: %s", e, location, e.getMessage()); } } else { logger.debug("No server certificates found"); } if (ks != null || ts != null) { logger.debug("Setting up SSL context."); try { SSLContextBuilder sslBuilder = SSLContexts.custom().useProtocol(SSLConnectionSocketFactory.TLS); if (ks != null) { logger.trace("Loading key material for SSL context..."); PrivateKeyStrategy pkStrategy = new MonolithicKeyStrategy(); sslBuilder.loadKeyMaterial(ks, kcPass.toCharArray(), pkStrategy); } if (ts != null) { logger.trace("Loading trust material for SSL context..."); SiteTrustType trustType = location.getTrustType(); if (trustType == null) { trustType = SiteTrustType.DEFAULT; } sslBuilder.loadTrustMaterial(ts, trustType.getTrustStrategy()); } SSLContext ctx = sslBuilder.build(); fac = new SSLConnectionSocketFactory(ctx, new DefaultHostnameVerifier()); location.setAttribute(SSL_FACTORY_ATTRIB, fac); return fac; } catch (final KeyManagementException e) { logger.error( "Invalid configuration. Cannot initialize SSL socket factory for repository: {}. Error: {}", e, location.getUri(), e.getMessage()); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final UnrecoverableKeyException e) { logger.error( "Invalid configuration. Cannot initialize SSL socket factory for repository: {}. Error: {}", e, location.getUri(), e.getMessage()); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final NoSuchAlgorithmException e) { logger.error( "Invalid configuration. Cannot initialize SSL socket factory for repository: {}. Error: {}", e, location.getUri(), e.getMessage()); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } catch (final KeyStoreException e) { logger.error( "Invalid configuration. Cannot initialize SSL socket factory for repository: {}. Error: {}", e, location.getUri(), e.getMessage()); throw new JHttpCException( "Failed to initialize SSL connection for repository: " + location.getUri()); } } else { logger.debug("No SSL configuration present; no SSL context created."); } return null; }
From source file:org.apache.nifi.processors.standard.GetHTTP.java
private SSLContext createSSLContext(final SSLContextService service) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, UnrecoverableKeyException { final SSLContextBuilder sslContextBuilder = new SSLContextBuilder(); if (StringUtils.isNotBlank(service.getTrustStoreFile())) { final KeyStore truststore = KeyStoreUtils.getTrustStore(service.getTrustStoreType()); try (final InputStream in = new FileInputStream(new File(service.getTrustStoreFile()))) { truststore.load(in, service.getTrustStorePassword().toCharArray()); }//from ww w. j a va 2 s . c om sslContextBuilder.loadTrustMaterial(truststore, new TrustSelfSignedStrategy()); } if (StringUtils.isNotBlank(service.getKeyStoreFile())) { final KeyStore keystore = KeyStoreUtils.getKeyStore(service.getKeyStoreType()); try (final InputStream in = new FileInputStream(new File(service.getKeyStoreFile()))) { keystore.load(in, service.getKeyStorePassword().toCharArray()); } sslContextBuilder.loadKeyMaterial(keystore, service.getKeyStorePassword().toCharArray()); } sslContextBuilder.useProtocol(service.getSslAlgorithm()); return sslContextBuilder.build(); }