
Example 1 with DelegatingSSLSocketFactory

Use of com.ibm.watson.developer_cloud.service.security.DelegatingSSLSocketFactory in project java-sdk by watson-developer-cloud.

Class HttpClientSingleton, method setupTLSProtocol.

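/**
 * Installs an SSL socket factory on the builder that pins every socket to TLS 1.2.
 * See: https://github.com/watson-developer-cloud/java-sdk/issues/610
 *
 * <p>Certificate validation uses the platform default trust store; no custom trust anchors or
 * client keys are configured. TLS 1.0 and TLS 1.1 are deliberately not enabled: both are
 * deprecated (RFC 8996), and offering them lets a network attacker or a misconfigured peer
 * negotiate a weaker protocol than the client needs.
 *
 * <p>If the SSL context cannot be created, the failure is logged and the builder is left
 * untouched, so the client then runs with the library/platform default TLS settings rather than
 * the restriction applied here.
 *
 * @param builder the {@link OkHttpClient} builder.
 * @throws IllegalStateException if the default trust manager factory does not yield exactly one
 *     {@link X509TrustManager}.
 */
private void setupTLSProtocol(final OkHttpClient.Builder builder) {
    try {
        // A null KeyStore makes the factory load the platform default trust anchors.
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        }
        X509TrustManager trustManager = (X509TrustManager) trustManagers[0];

        // NOTE(review): this is a JVM-wide property, so it affects every TLS user in the process,
        // not just this client. Presumably needed so the IBM JRE does not stay on its legacy
        // default protocol (see issue #610) - confirm it is still required on supported JREs.
        System.setProperty("com.ibm.jsse2.overrideDefaultTLS", "true");

        SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
        // No key managers (no client certificate) and the default SecureRandom.
        sslContext.init(null, new TrustManager[] { trustManager }, null);

        // Only TLS 1.2 is offered. Reaching a legacy endpoint that needs TLS 1.0/1.1 should be an
        // explicit, separately reviewed opt-in rather than the default for every connection.
        final String[] enabledProtocols = new String[] { TlsVersion.TLS_1_2.javaName() };
        SSLSocketFactory sslSocketFactory = new DelegatingSSLSocketFactory(sslContext.getSocketFactory()) {

            @Override
            protected SSLSocket configureSocket(SSLSocket socket) throws IOException {
                socket.setEnabledProtocols(enabledProtocols);
                return socket;
            }
        };
        // Passing the trust manager alongside the factory gives OkHttp the same trust anchors
        // the context validates against.
        builder.sslSocketFactory(sslSocketFactory, trustManager);
    } catch (NoSuchAlgorithmException e) {
        // Best effort: every failure below happens before the builder is modified.
        LOG.log(Level.SEVERE, "The cryptographic algorithm requested is not available in the environment.", e);
    } catch (KeyStoreException e) {
        LOG.log(Level.SEVERE, "Error using the keystore.", e);
    } catch (KeyManagementException e) {
        LOG.log(Level.SEVERE, "Error initializing the SSL Context.", e);
    }
}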
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) DelegatingSSLSocketFactory(com.ibm.watson.developer_cloud.service.security.DelegatingSSLSocketFactory) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLSocket(javax.net.ssl.SSLSocket) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) DelegatingSSLSocketFactory(com.ibm.watson.developer_cloud.service.security.DelegatingSSLSocketFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) KeyManagementException(java.security.KeyManagementException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)
