Examples with TrustManagerFactory javax.net.ssl.TrustManagerFactory used on opensource projects

Example 96 with TrustManagerFactory

use of javax.net.ssl.TrustManagerFactory in project cxf by apache.

the class STSTokenOutInterceptorTest method prepareTLSParams.

private TLSClientParameters prepareTLSParams() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
    TLSClientParameters tlsParams = new TLSClientParameters();
    tlsParams.setDisableCNCheck(true);
    KeyStore trustStore = loadClientKeystore();
    TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustFactory.init(trustStore);
    TrustManager[] tm = trustFactory.getTrustManagers();
    tlsParams.setTrustManagers(tm);
    KeyStore keyStore = loadClientKeystore();
    KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyFactory.init(keyStore, KEY_PASS.toCharArray());
    KeyManager[] km = keyFactory.getKeyManagers();
    tlsParams.setKeyManagers(km);
    return tlsParams;
}

Example 97 with TrustManagerFactory

use of javax.net.ssl.TrustManagerFactory in project cxf by apache.

the class STSTokenOutInterceptorTest method configureDefaultHttpsConnection.

private void configureDefaultHttpsConnection() throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, KeyManagementException {
    // For localhost testing only
    javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(new javax.net.ssl.HostnameVerifier() {

        public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) {
            return "localhost".equals(hostname);
        }
    });
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    KeyStore keyStore = loadClientKeystore();
    trustManagerFactory.init(keyStore);
    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustManagers, new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    // Needed to prevent test failure using IBM JDK
    if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
        System.setProperty("https.protocols", "TLSv1");
    }
}

Example 98 with TrustManagerFactory

use of javax.net.ssl.TrustManagerFactory in project cxf by apache.

the class STSTokenRetrieverTest method prepareTLSParams.

private TLSClientParameters prepareTLSParams() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
    TLSClientParameters tlsParams = new TLSClientParameters();
    tlsParams.setDisableCNCheck(true);
    KeyStore trustStore = loadClientKeystore();
    TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustFactory.init(trustStore);
    TrustManager[] tm = trustFactory.getTrustManagers();
    tlsParams.setTrustManagers(tm);
    KeyStore keyStore = loadClientKeystore();
    KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyFactory.init(keyStore, KEY_PASS.toCharArray());
    KeyManager[] km = keyFactory.getKeyManagers();
    tlsParams.setKeyManagers(km);
    return tlsParams;
}

Example 99 with TrustManagerFactory

use of javax.net.ssl.TrustManagerFactory in project cxf by apache.

the class ClientNonSpring method getTrustManagers.

private static TrustManager[] getTrustManagers(KeyStore trustStore) throws NoSuchAlgorithmException, KeyStoreException {
    String alg = KeyManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
    fac.init(trustStore);
    return fac.getTrustManagers();
}

Example 100 with TrustManagerFactory

use of javax.net.ssl.TrustManagerFactory in project cxf by apache.

the class SSLv3Test method testSSLv3ServerNotAllowedByDefault.

@org.junit.Test
public void testSSLv3ServerNotAllowedByDefault() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SSLv3Test.class.getResource("sslv3-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    System.setProperty("https.protocols", "SSLv3");
    URL service = new URL("https://localhost:" + PORT);
    HttpsURLConnection connection = (HttpsURLConnection) service.openConnection();
    connection.setHostnameVerifier(new DisableCNCheckVerifier());
    SSLContext sslContext = SSLContext.getInstance("SSL");
    KeyStore trustedCertStore = KeyStore.getInstance("jks");
    try (InputStream keystore = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", SSLv3Test.class)) {
        trustedCertStore.load(keystore, null);
    }
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
    tmf.init(trustedCertStore);
    TrustManager[] trustManagers = tmf.getTrustManagers();
    sslContext.init(null, trustManagers, new java.security.SecureRandom());
    connection.setSSLSocketFactory(sslContext.getSocketFactory());
    try {
        connection.connect();
        fail("Failure expected on an SSLv3 connection attempt");
    } catch (IOException ex) {
    // expected
    }
    System.clearProperty("https.protocols");
    bus.shutdown(true);
}