
Example 6 with TrustManagerTrustAll

use of com.helger.commons.ws.TrustManagerTrustAll in project phoss-directory by phax.

the class LocalHost8080FuncTest method setUp.

/**
 * Prepare the JAX-RS target used by the functional tests against
 * <code>localhost:8080</code>.
 * <p>
 * If the pilot key store is present, an https client with a client certificate
 * is built. That client accepts any server certificate and any host name,
 * which is only tolerable because the target is a local test instance. Do not
 * reuse this setup for a client that talks to a remote endpoint.
 *
 * @throws GeneralSecurityException
 *         If the key manager factory or the SSL context cannot be set up.
 * @throws IOException
 *         Declared by the original signature.
 */
@Before
public void setUp() throws GeneralSecurityException, IOException {
    // The mock business card provider has to be registered before the meta
    // manager is accessed for the first time.
    PDMetaManager.setBusinessCardProvider(LocalHost8080FuncTest::_createMockBC);
    PDMetaManager.getInstance();

    final File aKeyStoreFile = new File("src/test/resources/smp.pilot.jks");
    if (!aKeyStoreFile.exists()) {
        // Plain http fallback: no client certificate is available, so the
        // server-side client certificate check is switched off for the tests.
        // NOTE(review): allowAllForTests looks like a global switch and is
        // never reset here - confirm it cannot leak into other test classes.
        LOGGER.warn("The SMP pilot keystore is missing for the tests! Client certificate handling will not be tested!");
        ClientCertificateValidator.allowAllForTests(true);
        m_aTarget = ClientBuilder.newClient().target("http://localhost:8080");
        return;
    }

    // https with client certificate.
    // The key store password is a hard-coded test fixture value; acceptable
    // only because this key store is test material.
    final String sKeyStorePassword = "peppol";
    final KeyStore aClientKeyStore = KeyStoreHelper.loadKeyStoreDirect(EKeyStoreType.JKS,
                                                                       aKeyStoreFile.getAbsolutePath(),
                                                                       sKeyStorePassword);

    // Key managers present the client certificate from the key store
    final KeyManagerFactory aKMF = KeyManagerFactory.getInstance("SunX509");
    aKMF.init(aClientKeyStore, sKeyStorePassword.toCharArray());

    // Trust-all trust manager: the server certificate chain is NOT validated
    final SSLContext aTlsContext = SSLContext.getInstance("TLS");
    aTlsContext.init(aKMF.getKeyManagers(), new TrustManager[] { new TrustManagerTrustAll(false) }, null);

    // Verify-all host name verifier: the certificate/host name match is NOT
    // checked either. Together with the trust-all manager the server identity
    // is completely unauthenticated.
    final Client aHttpsClient = ClientBuilder.newBuilder()
                                             .sslContext(aTlsContext)
                                             .hostnameVerifier(new HostnameVerifierVerifyAll(false))
                                             .build();
    m_aTarget = aHttpsClient.target("https://localhost:8080");
}
Also used : HostnameVerifierVerifyAll(com.helger.commons.ws.HostnameVerifierVerifyAll) SSLContext(javax.net.ssl.SSLContext) Client(javax.ws.rs.client.Client) File(java.io.File) KeyStore(java.security.KeyStore) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) Before(org.junit.Before)

Example 7 with TrustManagerTrustAll

use of com.helger.commons.ws.TrustManagerTrustAll in project as2-lib by phax.

the class AbstractHttpSenderModule method createSSLContext.

/**
 * Build the {@link SSLContext} that is used for outgoing https connections.
 * <p>
 * Security note: the default implementation installs a
 * {@link TrustManagerTrustAll} and no key managers. The server certificate is
 * therefore accepted without validation and no client certificate is
 * presented, so the connection is encrypted but the peer is not
 * authenticated. Override this method in a subclass and return a context
 * backed by a real trust store wherever the identity of the receiver
 * matters.
 *
 * @return The created {@link SSLContext}. May not be <code>null</code>.
 * @throws GeneralSecurityException
 *         If the TLS context cannot be obtained or initialized.
 */
@Nonnull
@OverrideOnDemand
public SSLContext createSSLContext() throws GeneralSecurityException {
    final SSLContext aTlsContext = SSLContext.getInstance("TLS");

    // Trust all server certificates - insecure default, see the Javadoc.
    // The boolean is presumably the debug flag of the trust manager.
    final TrustManager[] aTrustEverything = { new TrustManagerTrustAll(false) };

    // No key managers (first argument) and the default secure random (last)
    aTlsContext.init(null, aTrustEverything, null);
    return aTlsContext;
}
Also used : SSLContext(javax.net.ssl.SSLContext) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) Nonnull(javax.annotation.Nonnull) OverrideOnDemand(com.helger.commons.annotation.OverrideOnDemand)

Example 8 with TrustManagerTrustAll

use of com.helger.commons.ws.TrustManagerTrustAll in project ph-web by phax.

the class HttpClientSettings method setSSLContextTrustAll.

/**
 * Attention: INSECURE METHOD!<br>
 * Set a special SSL context that does not expect any specific server
 * certificate, i.e. every certificate presented by the server is accepted
 * without validation. No key managers are configured, so no client
 * certificate is presented. To be totally loose, you should also set a
 * hostname verifier that accepts all host names.
 * <p>
 * With this context the server is not authenticated, so use it for local
 * testing only and never for connections that carry sensitive data.
 *
 * @return this for chaining
 * @throws GeneralSecurityException
 *         In case TLS initialization fails
 */
@Nonnull
public final HttpClientSettings setSSLContextTrustAll() throws GeneralSecurityException {
    final SSLContext aTrustAllContext = SSLContext.getInstance("TLS");

    // The only trust manager accepts everything; the boolean is presumably
    // the debug flag of the trust manager.
    final TrustManager[] aTrustEverything = { new TrustManagerTrustAll(false) };
    aTrustAllContext.init(null, aTrustEverything, null);

    return setSSLContext(aTrustAllContext);
}
Also used : SSLContext(javax.net.ssl.SSLContext) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) Nonnull(javax.annotation.Nonnull)

Example 9 with TrustManagerTrustAll

use of com.helger.commons.ws.TrustManagerTrustAll in project peppol-commons by phax.

the class MainForArunFromBasware method main.

/**
 * Manual utility: create or delete one participant at the configured SML,
 * depending on the constants at the top of the method.
 * <p>
 * Security notes for anybody adapting this: the key store password is
 * hard-coded, and the SSL context uses a trust-all trust manager, so the
 * certificate of the SML server is not validated although a client
 * certificate is sent to it.
 *
 * @param args
 *        Ignored.
 * @throws Exception
 *         In case anything goes wrong.
 */
public static void main(final String[] args) throws Exception {
    // START MODIFY BELOW
    // ID of your SMP
    final String SMP_ID = "TEST-SMP";
    // SML to talk to (SMK or SML)
    final ISMLInfo aSMLInfo = ESML.DIGIT_TEST;
    // Type, location and password of the key store with the client certificate.
    // The password is a literal in the source - keep real credentials out of
    // version control.
    final EKeyStoreType eKeyStoreType = EKeyStoreType.JKS;
    final String sKeystorePath = "keystore/smp.pilot.jks";
    final String sKeystorePassword = "peppol";
    // The participant to be handled
    final String sServiceGroupID = "0088:5798000000001";
    // true: create the participant, false: delete it
    final boolean bCreate = false;
    // Optional proxy server; ignored unless host name and port are both set
    final String sProxyHostname = null;
    final int nProxyPort = 0;

    // NOTE(review): presumably this makes the WS stack dump its messages -
    // confirm what gets logged before running against a non-test SML.
    WSHelper.setMetroDebugSystemProperties(true);

    // Publish the proxy as JVM-wide system properties for http and https
    final boolean bProxyConfigured = nProxyPort > 0 && StringHelper.hasText(sProxyHostname);
    if (bProxyConfigured) {
        SystemProperties.setPropertyValue("http.proxyHost", sProxyHostname);
        SystemProperties.setPropertyValue("http.proxyPort", nProxyPort);
        SystemProperties.setPropertyValue("https.proxyHost", sProxyHostname);
        SystemProperties.setPropertyValue("https.proxyPort", nProxyPort);
    }

    final ManageParticipantIdentifierServiceCaller aSMLClient = new ManageParticipantIdentifierServiceCaller(aSMLInfo);
    if (aSMLInfo.isClientCertificateRequired()) {
        // Key store that holds the client certificate
        final KeyStore aClientKeyStore = KeyStoreHelper.loadKeyStoreDirect(eKeyStoreType,
                                                                           sKeystorePath,
                                                                           sKeystorePassword);

        // Key managers that present the client certificate
        final KeyManagerFactory aKMF = KeyManagerFactory.getInstance("SunX509");
        aKMF.init(aClientKeyStore, sKeystorePassword.toCharArray());

        // The trust manager is not "empty": it accepts every server
        // certificate, so the SML server is not authenticated.
        final SSLContext aTlsContext = SSLContext.getInstance("TLS");
        aTlsContext.init(aKMF.getKeyManagers(), new TrustManager[] { new TrustManagerTrustAll(false) }, null);
        aSMLClient.setSSLSocketFactory(aTlsContext.getSocketFactory());
    }

    // The actual web service call
    final IParticipantIdentifier aParticipantID = PeppolIdentifierFactory.INSTANCE.createParticipantIdentifierWithDefaultScheme(sServiceGroupID);
    if (!bCreate) {
        // Delete
        aSMLClient.delete(SMP_ID, aParticipantID);
        LOGGER.info("Successfully deleted participant " + aParticipantID.getURIEncoded());
    } else {
        // Create
        aSMLClient.create(SMP_ID, aParticipantID);
        LOGGER.info("Successfully created participant " + aParticipantID.getURIEncoded());
    }
}
Also used : ISMLInfo(com.helger.peppol.sml.ISMLInfo) EKeyStoreType(com.helger.security.keystore.EKeyStoreType) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) ManageParticipantIdentifierServiceCaller(com.helger.peppol.smlclient.ManageParticipantIdentifierServiceCaller) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) IParticipantIdentifier(com.helger.peppolid.IParticipantIdentifier)

Example 10 with TrustManagerTrustAll

use of com.helger.commons.ws.TrustManagerTrustAll in project ph-commons by phax.

the class WSClientConfig method setSSLSocketFactoryTrustAll.

/**
 * Set the {@link SSLSocketFactory} to be used by this client to one that
 * trusts all servers.
 * <p>
 * Security note: the factory is created from a context whose only trust
 * manager is a {@link TrustManagerTrustAll}, so server certificates are not
 * validated and the server is not authenticated. No key managers are set.
 * Host name verification is not configured by this method. Use this for
 * testing only.
 *
 * @param bDebugMode
 *        <code>true</code> for extended debug logging, <code>false</code> for
 *        production. The value is handed to the trust manager.
 * @return this for chaining
 * @throws KeyManagementException
 *         if initializing the SSL context failed
 * @throws IllegalStateException
 *         if no <code>TLSv1.2</code> context is available
 * @since 9.1.5
 */
@Nonnull
public final WSClientConfig setSSLSocketFactoryTrustAll(final boolean bDebugMode) throws KeyManagementException {
    final SSLContext aTlsContext;
    try {
        // The context is requested by the fixed name "TLSv1.2"
        aTlsContext = SSLContext.getInstance("TLSv1.2");
    } catch (final NoSuchAlgorithmException ex) {
        throw new IllegalStateException("TLS 1.2 is not supported", ex);
    }

    // Trust-all: every server certificate chain is accepted
    final TrustManager[] aTrustEverything = { new TrustManagerTrustAll(bDebugMode) };
    aTlsContext.init(null, aTrustEverything, null);

    return setSSLSocketFactory(aTlsContext.getSocketFactory());
}
Also used : SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) Nonnull(javax.annotation.Nonnull)
