
Example 46 with KeyManager

use of javax.net.ssl.KeyManager in project incubator-pulsar by apache.

the class SecurityUtility method setupKeyManager.

/**
 * Builds the key managers that present a private key and its certificate chain.
 *
 * <p>When both {@code privateKey} and {@code certificates} are supplied, the pair is stored in
 * the holder under the alias {@code "private"} and a {@link KeyManagerFactory} for the platform
 * default algorithm is initialised from the holder's key store.
 *
 * @param ksh holder whose key store receives the key entry
 * @param privateKey private key to present, may be {@code null}
 * @param certificates certificate chain for {@code privateKey}, may be {@code null}
 * @return the key managers, or {@code null} when the key or the chain is missing
 * @throws KeyStoreException if the key store cannot be used by the factory
 * @throws NoSuchAlgorithmException if the default key manager algorithm is unavailable
 * @throws UnrecoverableKeyException if the key entry cannot be recovered with the empty password
 */
private static KeyManager[] setupKeyManager(KeyStoreHolder ksh, PrivateKey privateKey, Certificate[] certificates) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
    if (certificates == null || privateKey == null) {
        // Without both halves of the identity there is nothing to load; the caller receives null.
        return null;
    }
    ksh.setPrivateKey("private", privateKey, certificates);
    KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    // The key entry is read back with an empty password.
    // NOTE(review): presumably the holder's key store lives only in memory; confirm it is never
    // written to disk, because an empty password gives the stored private key no protection.
    factory.init(ksh.getKeyStore(), "".toCharArray());
    return factory.getKeyManagers();
}
Also used : KeyManager(javax.net.ssl.KeyManager) KeyManagerFactory(javax.net.ssl.KeyManagerFactory)

Example 47 with KeyManager

use of javax.net.ssl.KeyManager in project incubator-pulsar by apache.

the class DiscoveryServiceWebTest method testTlsEnable.

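/**
 * Verifies that the discovery service accepts an HTTPS request on its TLS port and redirects it
 * to a broker registered in ZooKeeper.
 *
 * <p>The registered broker host ({@code broker-1}) is not resolvable, so following the redirect is
 * expected to fail with an {@link UnknownHostException} naming that host.
 *
 * <p>The test installs a JVM-wide default {@code SSLSocketFactory} backed by
 * {@code InsecureTrustManagerFactory}, i.e. with certificate validation switched off. The previous
 * default is restored and the server is stopped in a {@code finally} block, so a failing assertion
 * leaves neither the permissive factory nor a running server behind for later tests.
 *
 * @throws Exception if the server cannot be started or the TLS context cannot be created
 */
@Test
public void testTlsEnable() throws Exception {
    // 1. start server with tls enable
    int port = nextFreePort();
    int tlsPort = nextFreePort();
    ServiceConfig config = new ServiceConfig();
    config.setWebServicePort(port);
    config.setWebServicePortTls(tlsPort);
    config.setTlsEnabled(true);
    config.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    ServerManager server = new ServerManager(config);
    DiscoveryZooKeeperClientFactoryImpl.zk = mockZookKeeper;
    Map<String, String> params = new TreeMap<>();
    params.put("zookeeperServers", "dummy-value");
    params.put("zookeeperClientFactoryClass", DiscoveryZooKeeperClientFactoryImpl.class.getName());
    server.addServlet("/", DiscoveryServiceServlet.class, params);
    server.start();
    // Remember the process-wide default so the trust-all factory installed below does not
    // outlive this test.
    final javax.net.ssl.SSLSocketFactory previousDefaultFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
    try {
        // 2. get ZookeeperCacheLoader to add more brokers
        final String redirect_broker_host = "broker-1";
        List<String> brokers = Lists.newArrayList(redirect_broker_host);
        brokers.stream().forEach(b -> {
            try {
                final String brokerUrl = b + ":" + port;
                final String brokerUrlTls = b + ":" + tlsPort;
                LoadReport report = new LoadReport("http://" + brokerUrl, "https://" + brokerUrlTls, null, null);
                String reportData = ObjectMapperFactory.getThreadLocal().writeValueAsString(report);
                ZkUtils.createFullPathOptimistic(mockZookKeeper, LOADBALANCE_BROKERS_ROOT + "/" + brokerUrl, reportData.getBytes(ZookeeperClientFactoryImpl.ENCODING_SCHEME), ZooDefs.Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
            } catch (KeeperException.NodeExistsException ne) {
                // Ok: the znode is already present, which is all the test needs
            } catch (KeeperException | InterruptedException e) {
                e.printStackTrace();
                fail("failed while creating broker znodes");
            } catch (JsonProcessingException e) {
                e.printStackTrace();
                fail("failed while creating broker znodes");
            }
        });
        // 3. https request with tls enable at server side
        String serviceUrl = String.format("https://localhost:%s/", tlsPort);
        String requestUrl = serviceUrl + "admin/namespaces/p1/c1/n1";
        // No client certificate is presented.
        KeyManager[] keyManagers = null;
        // Test-only: these trust managers skip certificate validation so the test server
        // certificate is accepted. Never use them outside test code.
        TrustManager[] trustManagers = InsecureTrustManagerFactory.INSTANCE.getTrustManagers();
        SSLContext sslCtx = SSLContext.getInstance("TLS");
        sslCtx.init(keyManagers, trustManagers, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
        // try-with-resources closes the stream in the unexpected case that the request succeeds
        try (InputStream response = new URL(requestUrl).openStream()) {
            fail("it should give unknown host exception as: discovery service redirects request to: " + redirect_broker_host);
        } catch (Exception e) {
            // 4. Verify: server accepts https request and redirected to one of the available broker host defined into
            // zk. and as broker-service is not up: it should give "UnknownHostException with host=broker-url"
            String host = e.getLocalizedMessage();
            assertEquals(e.getClass(), UnknownHostException.class);
            assertTrue(host.startsWith(redirect_broker_host));
        }
    } finally {
        try {
            HttpsURLConnection.setDefaultSSLSocketFactory(previousDefaultFactory);
        } finally {
            server.stop();
        }
    }
}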
Also used : ServerManager(org.apache.pulsar.discovery.service.server.ServerManager) UnknownHostException(java.net.UnknownHostException) InputStream(java.io.InputStream) SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) TreeMap(java.util.TreeMap) URL(java.net.URL) KeeperException(org.apache.zookeeper.KeeperException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) UnknownHostException(java.net.UnknownHostException) TrustManager(javax.net.ssl.TrustManager) ServiceConfig(org.apache.pulsar.discovery.service.server.ServiceConfig) LoadReport(org.apache.pulsar.policies.data.loadbalancer.LoadReport) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) KeyManager(javax.net.ssl.KeyManager) KeeperException(org.apache.zookeeper.KeeperException) Test(org.testng.annotations.Test)

Example 48 with KeyManager

use of javax.net.ssl.KeyManager in project ofbiz-framework by apache.

the class SSLUtil method getSSLContext.

/**
 * Creates and initialises an {@link SSLContext} whose key managers are obtained from the given
 * key store.
 *
 * @param ks key store passed to {@code SSLUtil.getKeyManagers}
 * @param password password passed to {@code SSLUtil.getKeyManagers}
 * @param alias alias passed to {@code SSLUtil.getKeyManagers}
 * @param trustAny when {@code true}, the trust managers come from
 *     {@code SSLUtil.getTrustAnyManagers()} instead of {@code SSLUtil.getTrustManagers()}
 * @return the initialised context
 * @throws IOException declared by the signature; presumably raised by the helper lookups
 * @throws GeneralSecurityException if the context cannot be created or initialised
 * @throws GenericConfigException declared by the signature; presumably raised by the helper lookups
 */
public static SSLContext getSSLContext(KeyStore ks, String password, String alias, boolean trustAny) throws IOException, GeneralSecurityException, GenericConfigException {
    final KeyManager[] keyManagers = SSLUtil.getKeyManagers(ks, password, alias);
    // NOTE(review): judging by its name, getTrustAnyManagers() accepts any peer certificate, so
    // trustAny=true would remove server authentication. Confirm it, and keep it out of
    // production call paths.
    final TrustManager[] trustManagers = trustAny ? SSLUtil.getTrustAnyManagers() : SSLUtil.getTrustManagers();
    // NOTE(review): "SSL" is the legacy protocol name; which protocol versions end up enabled
    // depends on the installed provider. Verify the effective protocols before relying on this.
    final SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init(keyManagers, trustManagers, new SecureRandom());
    return sslContext;
}
Also used : SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 49 with KeyManager

use of javax.net.ssl.KeyManager in project ofbiz-framework by apache.

the class SSLUtil method getSSLContext.

/**
 * Creates and initialises an {@link SSLContext} whose key managers are looked up by alias only.
 *
 * @param alias alias passed to {@code SSLUtil.getKeyManagers}
 * @param trustAny when {@code true}, the trust managers come from
 *     {@code SSLUtil.getTrustAnyManagers()} instead of {@code SSLUtil.getTrustManagers()}
 * @return the initialised context
 * @throws IOException declared by the signature; presumably raised by the helper lookups
 * @throws GeneralSecurityException if the context cannot be created or initialised
 * @throws GenericConfigException declared by the signature; presumably raised by the helper lookups
 */
public static SSLContext getSSLContext(String alias, boolean trustAny) throws IOException, GeneralSecurityException, GenericConfigException {
    final KeyManager[] keyManagers = SSLUtil.getKeyManagers(alias);
    // NOTE(review): judging by its name, getTrustAnyManagers() accepts any peer certificate, so
    // trustAny=true would remove server authentication. Confirm it, and keep it out of
    // production call paths.
    final TrustManager[] trustManagers = trustAny ? SSLUtil.getTrustAnyManagers() : SSLUtil.getTrustManagers();
    // NOTE(review): "SSL" is the legacy protocol name; which protocol versions end up enabled
    // depends on the installed provider. Verify the effective protocols before relying on this.
    final SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init(keyManagers, trustManagers, new SecureRandom());
    return sslContext;
}
Also used : SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 50 with KeyManager

use of javax.net.ssl.KeyManager in project webcert by sklintyg.

the class KeystoreBasedSocketFactory method createSSLContext.

/**
 * Creates an {@link SSLContext} that validates peers against the supplied trust store.
 *
 * <p>Key and trust manager factories both use the platform default algorithm. The key manager
 * factory is initialised without a key store or password.
 *
 * @param truststore trust material handed to the {@link TrustManagerFactory}
 * @return the initialised context for the protocol named by the {@code TLS} constant
 * @throws NoSuchAlgorithmException if a default algorithm or the protocol is unavailable
 * @throws KeyStoreException if a factory cannot be initialised from its key store
 * @throws UnrecoverableKeyException if the key manager factory cannot recover a key
 * @throws KeyManagementException if the context cannot be initialised
 */
private static SSLContext createSSLContext(final KeyStore truststore) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException {
    final String keyAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
    final KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(keyAlgorithm);
    // No key store is supplied here.
    // NOTE(review): presumably the resulting key managers carry no client credentials - confirm.
    keyFactory.init(null, null);
    final KeyManager[] keyManagers = keyFactory.getKeyManagers();

    final String trustAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    final TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(trustAlgorithm);
    // NOTE(review): a null truststore is not rejected; the factory would then presumably fall
    // back to the platform default trust anchors instead of the intended pinned set - confirm
    // that callers never pass null.
    trustFactory.init(truststore);
    final TrustManager[] trustManagers = trustFactory.getTrustManagers();

    final SSLContext context = SSLContext.getInstance(TLS);
    // A null SecureRandom leaves the choice of random source to the context.
    context.init(keyManagers, trustManagers, null);
    return context;
}
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLContext(javax.net.ssl.SSLContext) KeyManager(javax.net.ssl.KeyManager) JKSKeyManager(org.springframework.security.saml.key.JKSKeyManager) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManager(javax.net.ssl.TrustManager)

Aggregations

KeyManager (javax.net.ssl.KeyManager)210 SSLContext (javax.net.ssl.SSLContext)127 TrustManager (javax.net.ssl.TrustManager)127 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)103 KeyStore (java.security.KeyStore)95 IOException (java.io.IOException)59 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)59 SecureRandom (java.security.SecureRandom)54 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)54 KeyManagementException (java.security.KeyManagementException)46 X509TrustManager (javax.net.ssl.X509TrustManager)45 KeyStoreException (java.security.KeyStoreException)42 X509KeyManager (javax.net.ssl.X509KeyManager)40 InputStream (java.io.InputStream)33 UnrecoverableKeyException (java.security.UnrecoverableKeyException)32 FileInputStream (java.io.FileInputStream)31 CertificateException (java.security.cert.CertificateException)30 GeneralSecurityException (java.security.GeneralSecurityException)24 X509Certificate (java.security.cert.X509Certificate)23 File (java.io.File)15