List of usage examples for org.apache.http.ssl SSLContexts custom
public static SSLContextBuilder custom()
From source file:io.apicurio.hub.api.security.KeycloakLinkedAccountsProvider.java
/**
 * Builds the HTTP client used by this provider once dependency injection has completed.
 *
 * <p>When {@code config.isDisableKeycloakTrustManager()} returns {@code true}, the client is
 * built with {@link TrustSelfSignedStrategy} and {@link NoopHostnameVerifier}: self-signed
 * server certificates are accepted and the certificate's host name is never compared with the
 * host being contacted. The channel is then encrypted but the peer is not authenticated, so
 * this mode is only appropriate where the network path to Keycloak is already trusted.
 * Otherwise the client comes from {@code HttpClients.createSystem()}.
 *
 * @throws RuntimeException wrapping any exception raised while the client is being built
 */
@PostConstruct
protected void postConstruct() {
    try {
        if (!config.isDisableKeycloakTrustManager()) {
            // Normal path: no custom trust or host-name settings are applied here.
            httpClient = HttpClients.createSystem();
            return;
        }

        // Relaxed path: a null key store plus TrustSelfSignedStrategy means self-signed
        // certificates are accepted in addition to whatever the default trust material allows.
        SSLContext relaxedContext = SSLContexts.custom()
                .loadTrustMaterial(null, new TrustSelfSignedStrategy())
                .build();
        // NoopHostnameVerifier switches off the host-name check entirely.
        SSLConnectionSocketFactory relaxedSocketFactory =
                new SSLConnectionSocketFactory(relaxedContext, NoopHostnameVerifier.INSTANCE);
        httpClient = HttpClients.custom().setSSLSocketFactory(relaxedSocketFactory).build();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
From source file:com.palominolabs.crm.sf.rest.RestConnectionPoolImpl.java
/** * Create a new pool with a specific idle connection timeout. * * @param metricRegistry metric registry * @param idleConnTimeout how long an unused connection must sit idle before it is eligible for removal from the *///from w ww . java 2 s. co m public RestConnectionPoolImpl(MetricRegistry metricRegistry, int idleConnTimeout) { this.metricRegistry = metricRegistry; SSLContext sslContext = null; try { sslContext = SSLContexts.custom().useProtocol("TLSv1.2").build(); } catch (Exception e) { throw new RuntimeException(e); } SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext); Registry<ConnectionSocketFactory> r = RegistryBuilder.<ConnectionSocketFactory>create() .register("https", sslsf).build(); connectionManager = new PoolingHttpClientConnectionManager(r); connectionManager.setDefaultMaxPerRoute(20); connectionManager.setMaxTotal(60); SocketConfig socketConfig = SocketConfig.custom().setSoTimeout(300000).build(); connectionManager.setDefaultSocketConfig(socketConfig); objectMapper = new ObjectMapper(); objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); this.httpClient = HttpClientBuilder.create().setConnectionManager(connectionManager).build(); this.idleConnTimeout = idleConnTimeout; }
From source file:org.createnet.raptor.auth.AuthHttpClient.java
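/**
 * Returns the HTTP client held in {@code httpclient}, creating it on first use.
 *
 * <p>The client trusts the entries of the trust store configured at
 * {@code config.token.truststore.path} and, because of {@link TrustSelfSignedStrategy}, also
 * any self-signed server certificate. Host names are still checked with the default verifier.
 * Accepting arbitrary self-signed certificates means a server outside the configured trust
 * store can still be accepted if it presents a self-signed certificate for the expected name.
 *
 * <p>The lazy initialisation is not synchronised.
 *
 * @return the cached or newly built client
 * @throws KeyStoreException         if the trust store cannot be processed
 * @throws NoSuchAlgorithmException  if a required algorithm is unavailable
 * @throws KeyManagementException    if the SSL context cannot be initialised
 * @throws UnrecoverableKeyException declared by the signature; not raised by the visible calls
 * @throws CertificateException      if a certificate in the trust store cannot be loaded
 * @throws IOException               if the trust store file cannot be read
 */
private CloseableHttpClient getHttpClient() throws KeyStoreException, NoSuchAlgorithmException,
        KeyManagementException, UnrecoverableKeyException, CertificateException, IOException {
    if (httpclient == null) {
        logger.debug("Created http client instance");

        // Trust the configured trust store and, additionally, all self-signed certificates.
        SSLContext sslcontext = SSLContexts.custom()
                .loadTrustMaterial(new File(config.token.truststore.path),
                        config.token.truststore.password.toCharArray(),
                        new TrustSelfSignedStrategy())
                .build();

        // Enabled protocol versions are TLSv1.2, TLSv1.1 and TLSv1 (the earlier comment said
        // "TLSv1 only", which did not match the array). Cipher suites are left at the defaults.
        // NOTE(review): TLSv1 and TLSv1.1 are deprecated by RFC 8996; drop them from this list
        // unless a peer is known to still require them.
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,
                new String[] { "TLSv1.2", "TLSv1.1", "TLSv1" }, null,
                SSLConnectionSocketFactory.getDefaultHostnameVerifier());

        // Parameterised instead of a raw Registry so the compiler checks the element type.
        Registry<ConnectionSocketFactory> socketFactoryRegistry =
                RegistryBuilder.<ConnectionSocketFactory>create()
                        .register("http", PlainConnectionSocketFactory.INSTANCE)
                        .register("https", sslsf)
                        .build();

        HttpClientConnectionManager poolingConnManager =
                new PoolingHttpClientConnectionManager(socketFactoryRegistry);

        httpclient = HttpClients.custom()
                .setConnectionManager(poolingConnManager)
                .build();
    }
    return httpclient;
}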
From source file:tech.beshu.ror.httpclient.ApacheHttpCoreClient.java
/**
 * Builds an asynchronous HTTP client that performs no server authentication.
 *
 * <p>The trust strategy returns {@code true} for every certificate chain and
 * {@link NoopHostnameVerifier} disables the host-name check, so any TLS endpoint is accepted.
 * Traffic sent through this client can be read or altered by whoever answers the connection;
 * callers should reach this method only through an explicit opt-out of validation.
 *
 * <p>If the SSL context cannot be built, the error is logged and
 * {@code HttpAsyncClients.createDefault()} is returned instead, which does not carry these
 * relaxed settings.
 *
 * @return the non-validating client, or a default client when construction fails
 */
private CloseableHttpAsyncClient getNonValidatedHttpClient() {
    CloseableHttpAsyncClient client;
    try {
        client = HttpAsyncClients.custom()
                // No host-name comparison at all.
                .setSSLHostnameVerifier(new NoopHostnameVerifier())
                // Null key store plus an always-true strategy: every chain is trusted.
                .setSSLContext(SSLContexts.custom()
                        .loadTrustMaterial(null, (X509Certificate[] chain, String authType) -> true)
                        .build())
                .build();
    } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
        logger.error("cannot create non-validating Apache HTTP Core client.. ", e);
        client = HttpAsyncClients.createDefault();
    }
    return client;
}
From source file:org.owasp.benchmark.tools.BenchmarkCrawler.java
/**
 * Creates the socket factory the crawler uses for HTTPS requests.
 *
 * <p>The factory accepts self-signed certificates ({@link TrustSelfSignedStrategy}), skips
 * host-name verification ({@link NoopHostnameVerifier}) and enables the single protocol
 * version {@code "TLSv1"}. None of these settings authenticates the server, so the factory is
 * suited only to a target the operator controls.
 *
 * <p>NOTE(review): TLSv1 is deprecated by RFC 8996; a runtime or server that has it switched
 * off will fail the handshake with this protocol list.
 *
 * @return a socket factory with the relaxed settings described above
 * @throws Exception if the SSL context cannot be built
 */
public static SSLConnectionSocketFactory getSSLFactory() throws Exception {
    SSLContext selfSignedTolerantContext = SSLContexts.custom()
            .loadTrustMaterial(null, new TrustSelfSignedStrategy())
            .build();

    // Allow TLSv1 protocol only; cipher suites (the null argument) stay at their defaults.
    final String[] enabledProtocols = { "TLSv1" };
    return new SSLConnectionSocketFactory(selfSignedTolerantContext, enabledProtocols, null,
            NoopHostnameVerifier.INSTANCE);
}
From source file:org.springframework.cloud.dataflow.shell.command.support.HttpClientUtils.java
/**
 * Builds an {@link SSLContext} whose trust strategy accepts every certificate chain.
 *
 * <p>A context built this way gives no assurance about the identity of the server: expired,
 * self-signed and mismatched certificates are all accepted. Use it with the utmost caution,
 * for testing or development only, and never as a default.
 *
 * @return the certificate-ignoring SSLContext
 * @throws IllegalStateException if the context cannot be built
 */
public static SSLContext buildCertificateIgnoringSslContext() {
    // The strategy is consulted for each chain and always answers "trusted".
    final TrustStrategy acceptEverything = new TrustStrategy() {
        @Override
        public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            return true;
        }
    };

    try {
        return SSLContexts.custom().loadTrustMaterial(acceptEverything).build();
    } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
        throw new IllegalStateException(
                "Unexpected exception while building the certificate-ignoring SSLContext.", e);
    }
}
From source file:net.ymate.framework.commons.HttpClientHelper.java
/**
 * Creates an HTTPS socket factory that presents a client certificate loaded from a key store.
 *
 * <p>Only key material is loaded; no trust material is configured here. Host names are checked
 * with {@link DefaultHostnameVerifier}. The same password opens the key store and unlocks the
 * keys inside it.
 *
 * <p>NOTE(review): the enabled protocol list is the single entry {@code "TLSv1"}, which is
 * deprecated by RFC 8996; confirm whether the remote service still requires it.
 *
 * @param certType      key store type passed to {@code KeyStore.getInstance}; must not be blank
 * @param certFilePath  location of the key store; must not be null
 * @param passwordChars key store and key password; must not be empty
 * @return a socket factory bound to the loaded client key material
 * @throws NullArgumentException     if an argument is blank, null or empty as described above
 * @throws KeyStoreException         if the key store type is unavailable or the store is unusable
 * @throws IOException               if the key store cannot be read
 * @throws CertificateException      if a certificate in the store cannot be loaded
 * @throws NoSuchAlgorithmException  if a required algorithm is unavailable
 * @throws UnrecoverableKeyException if a key cannot be recovered with the given password
 * @throws KeyManagementException    if the SSL context cannot be initialised
 */
public static SSLConnectionSocketFactory createConnectionSocketFactory(String certType, URL certFilePath,
        char[] passwordChars) throws KeyStoreException, IOException, CertificateException,
        NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
    // Argument checks run in declaration order, before any I/O takes place.
    if (StringUtils.isBlank(certType)) {
        throw new NullArgumentException("certType");
    }
    if (certFilePath == null) {
        throw new NullArgumentException("certFilePath");
    }
    if (ArrayUtils.isEmpty(passwordChars)) {
        throw new NullArgumentException("passwordChars");
    }

    KeyStore clientKeyStore = KeyStore.getInstance(certType);
    InputStream storeStream = null;
    try {
        storeStream = certFilePath.openStream();
        clientKeyStore.load(storeStream, passwordChars);
    } finally {
        // Errors raised by close() are ignored; a failure in load() still propagates.
        IOUtils.closeQuietly(storeStream);
    }

    SSLContext clientAuthContext = SSLContexts.custom()
            .loadKeyMaterial(clientKeyStore, passwordChars)
            .build();
    final String[] enabledProtocols = { "TLSv1" };
    return new SSLConnectionSocketFactory(clientAuthContext, enabledProtocols, null,
            new DefaultHostnameVerifier());
}
From source file:io.fabric8.maven.docker.access.hc.http.HttpClientBuilder.java
/**
 * Builds the scheme registry for TLS connections to the Docker daemon.
 *
 * <p>The key store produced by {@code KeyStoreUtil.createDockerKeyStore(certPath)} supplies
 * both the client key material and the trust material. Host-name verification depends on the
 * {@code DOCKER_TLS_VERIFY} environment variable: it is performed only when the variable is
 * set to something other than {@code "0"} or {@code "false"}. When the variable is unset the
 * host name is therefore not checked, although the certificate chain is still validated
 * against the key store.
 *
 * @param certPath path handed to {@code KeyStoreUtil.createDockerKeyStore}
 * @return a registry containing only the {@code https} scheme
 * @throws IOException if the key store cannot be read, or wrapping any
 *                     {@link GeneralSecurityException} raised while building the context
 */
private static Registry<ConnectionSocketFactory> getSslFactoryRegistry(String certPath) throws IOException {
    try {
        KeyStore dockerStore = KeyStoreUtil.createDockerKeyStore(certPath);
        // "docker" is passed as the key password for the store created just above.
        SSLContext dockerContext = SSLContexts.custom()
                .useProtocol(SSLConnectionSocketFactory.TLS)
                .loadKeyMaterial(dockerStore, "docker".toCharArray())
                .loadTrustMaterial(dockerStore, null)
                .build();

        String tlsVerify = System.getenv("DOCKER_TLS_VERIFY");
        boolean skipHostnameCheck =
                tlsVerify == null || tlsVerify.equals("0") || tlsVerify.equals("false");

        SSLConnectionSocketFactory socketFactory;
        if (skipHostnameCheck) {
            socketFactory = new SSLConnectionSocketFactory(dockerContext, NoopHostnameVerifier.INSTANCE);
        } else {
            socketFactory = new SSLConnectionSocketFactory(dockerContext);
        }

        return RegistryBuilder.<ConnectionSocketFactory>create().register("https", socketFactory).build();
    } catch (GeneralSecurityException e) {
        // this isn't ideal but the net effect is the same
        throw new IOException(e);
    }
}
From source file:com.github.restdriver.clientdriver.integration.SecureClientDriverRuleTest.java
/**
 * Creates the HTTP client this test uses to call the secured client driver.
 *
 * <p>The key store returned by {@code getKeystore()} is loaded as trust material together
 * with {@link TrustSelfSignedStrategy}, and host-name verification is switched off with
 * {@link NoopHostnameVerifier}. These settings suit a locally generated test certificate and
 * should not be copied into production clients.
 *
 * @return a client that accepts the test certificate
 * @throws ClientDriverSetupException wrapping any exception raised while building the client
 */
private HttpClient getClient() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
    try {
        // set the test certificate as trusted
        SSLContext testContext = SSLContexts.custom()
                .loadTrustMaterial(getKeystore(), TrustSelfSignedStrategy.INSTANCE)
                .build();

        return HttpClients.custom()
                // The certificate's host name is not compared with the target host.
                .setSSLHostnameVerifier(new NoopHostnameVerifier())
                .setSSLContext(testContext)
                .build();
    } catch (Exception e) {
        throw new ClientDriverSetupException("Client could not be created.", e);
    }
}
From source file:org.keycloak.testsuite.util.AdminClientUtil.java
/**
 * Builds an {@link SSLContext} that trusts the certificates held in the given trust store file.
 *
 * <p>No custom trust strategy is supplied, so only the trust store's contents decide which
 * server certificates are accepted.
 *
 * @param file     trust store file; must exist and be a regular file
 * @param password trust store password, or {@code null} to load the store without one
 * @return the context built for protocol {@code "TLS"}
 * @throws RuntimeException         if {@code file} is not an existing regular file
 * @throws CertificateException     if a certificate in the store cannot be loaded
 * @throws NoSuchAlgorithmException if a required algorithm is unavailable
 * @throws KeyStoreException        if the trust store cannot be processed
 * @throws IOException              if the trust store file cannot be read
 * @throws KeyManagementException   if the context cannot be initialised
 */
private static SSLContext getSSLContextWithTrustore(File file, String password) throws CertificateException,
        NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
    if (file.isFile()) {
        char[] storePassword = (password != null) ? password.toCharArray() : null;
        return SSLContexts.custom()
                .useProtocol("TLS")
                .loadTrustMaterial(file, storePassword)
                .build();
    }
    // Fail early with the absolute path so a misconfigured location is easy to spot.
    throw new RuntimeException("Truststore file not found: " + file.getAbsolutePath());
}