
Example 56 with KeyManager

use of javax.net.ssl.KeyManager in project fabric8 by fabric8io.

the class WebClients method configureClientCert.

/**
 * Adds a TLS client certificate to the HTTP conduit of the given CXF web client.
 *
 * <p>A key store is built from the supplied certificate/key material, key managers are derived
 * from it, and those are appended to any key managers already registered on the conduit's
 * {@link TLSClientParameters} (which are created and attached if the conduit has none).
 *
 * <p>Failure handling: any exception is logged and swallowed, so the method returns normally
 * even when no client certificate was installed. Callers cannot tell from the return whether
 * mutual TLS is actually configured. The log message names the certificate and key files only;
 * the key password is never written to the log.
 *
 * @param webClient         client whose HTTP conduit is updated
 * @param clientCertData    certificate material, passed through to {@code createKeyStore}
 * @param clientCertFile    certificate file, passed through to {@code createKeyStore}
 * @param clientKeyData     private-key material, passed through to {@code createKeyStore}
 * @param clientKeyFile     private-key file, passed through to {@code createKeyStore}
 * @param clientKeyAlgo     key algorithm name, passed through to {@code createKeyStore}
 * @param clientKeyPassword password used both to build the key store and to initialise the
 *                          key manager factory
 */
public static void configureClientCert(WebClient webClient, String clientCertData, File clientCertFile, String clientKeyData, File clientKeyFile, String clientKeyAlgo, char[] clientKeyPassword) {
    try {
        // Derive key managers from the client certificate and private key.
        KeyStore clientStore = createKeyStore(clientCertData, clientCertFile, clientKeyData, clientKeyFile, clientKeyAlgo, clientKeyPassword);
        KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        factory.init(clientStore, clientKeyPassword);
        KeyManager[] effectiveManagers = factory.getKeyManagers();

        // Make sure the conduit has TLS parameters to attach the key managers to.
        HTTPConduit httpConduit = WebClient.getConfig(webClient).getHttpConduit();
        TLSClientParameters tlsParams = httpConduit.getTlsClientParameters();
        if (tlsParams == null) {
            tlsParams = new TLSClientParameters();
            httpConduit.setTlsClientParameters(tlsParams);
        }

        // Keep key managers that were configured earlier; the new ones go after them.
        KeyManager[] previousManagers = tlsParams.getKeyManagers();
        if (previousManagers != null && previousManagers.length > 0) {
            List<KeyManager> merged = new ArrayList<>(Arrays.asList(previousManagers));
            merged.addAll(Arrays.asList(effectiveManagers));
            effectiveManagers = merged.toArray(new KeyManager[merged.size()]);
        }
        tlsParams.setKeyManagers(effectiveManagers);
    } catch (Exception e) {
        // Best effort: the failure is only logged, the client is left without this certificate.
        LOG.error("Could not create key manager for " + clientCertFile + " (" + clientKeyFile + ")", e);
    }
}
Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) KeyManager(javax.net.ssl.KeyManager) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) KeyManagerFactory(javax.net.ssl.KeyManagerFactory)

Example 57 with KeyManager

use of javax.net.ssl.KeyManager in project ballerina by ballerina-lang.

the class OpenSecureSocket method getSslContext.

/**
 * Builds an initialised {@link SSLContext} from the socket options struct.
 *
 * <p>The key manager algorithm comes from the {@code ssl.KeyManagerFactory.algorithm} security
 * property, falling back to {@code "SunX509"}; the same algorithm string is handed to both
 * {@code getKeyManagers} and {@code getTrustManagers}. Debug logging covers the algorithm, the
 * store paths and the protocol, but none of the passwords.
 *
 * <p>NOTE(review): the protocol name is taken from {@code options} and passed to
 * {@link SSLContext#getInstance(String)} without an allow-list, and the value of
 * {@code SocketConstants.DEFAULT_SSL_PROTOCOL} is not visible here. Confirm that neither can
 * select a legacy SSL/TLS version.
 *
 * @param options struct holding key store, trust store, certificate password and protocol fields
 * @return an SSL context initialised with the configured key and trust managers and the default
 *         source of randomness
 */
private SSLContext getSslContext(BStruct options) throws UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
    String configuredAlgorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
    String algorithm = (configuredAlgorithm != null) ? configuredAlgorithm : "SunX509";
    if (log.isDebugEnabled()) {
        log.debug("SSL algorithm : " + algorithm);
    }

    String keyStorePath = options.getStringField(SocketConstants.KEY_STORE_OPTION_FIELD_INDEX);
    String keyStorePass = options.getStringField(SocketConstants.KEY_STORE_PASS_OPTION_FIELD_INDEX);
    String trustStorePath = options.getStringField(SocketConstants.TRUST_STORE_OPTION_FIELD_INDEX);
    String trustStorePass = options.getStringField(SocketConstants.TRUST_STORE_PASS_OPTION_FIELD_INDEX);
    String certPassword = options.getStringField(SocketConstants.CERT_PASS_OPTION_FIELD_INDEX);
    String protocol = options.getStringField(SocketConstants.SSL_PROTOCOL_OPTION_FIELD_INDEX);

    // An absent or empty protocol option selects the project default.
    String sslProtocol;
    if (protocol == null || protocol.isEmpty()) {
        sslProtocol = SocketConstants.DEFAULT_SSL_PROTOCOL;
    } else {
        sslProtocol = options.getStringField(SocketConstants.SSL_PROTOCOL_OPTION_FIELD_INDEX);
    }

    if (log.isDebugEnabled()) {
        // Paths and protocol only; the store and certificate passwords stay out of the log.
        log.debug("KeyStore path: " + keyStorePath);
        log.debug("TrustStore path: " + trustStorePath);
        log.debug("Protocol: " + sslProtocol);
    }

    KeyManager[] keyManagers = getKeyManagers(certPassword, keyStorePath, keyStorePass, algorithm);
    TrustManager[] trustManagers = getTrustManagers(trustStorePath, trustStorePass, algorithm);
    SSLContext context = SSLContext.getInstance(sslProtocol);
    // A null SecureRandom makes the provider use its default source of randomness.
    context.init(keyManagers, trustManagers, null);
    return context;
}
Also used : SSLContext(javax.net.ssl.SSLContext) KeyManager(javax.net.ssl.KeyManager) TrustManager(javax.net.ssl.TrustManager)

Example 58 with KeyManager

use of javax.net.ssl.KeyManager in project activemq-artemis by apache.

the class FailoverStaticNetworkTest method setUp.

/**
 * Prepares the broker SSL context used by the tests from the key and trust managers that
 * {@code SslBrokerServiceTest} supplies; no explicit SecureRandom is passed.
 */
@Before
public void setUp() throws Exception {
    KeyManager[] keyManagers = SslBrokerServiceTest.getKeyManager();
    TrustManager[] trustManagers = SslBrokerServiceTest.getTrustManager();
    sslContext = new SslContext(keyManagers, trustManagers, null);
}
Also used : KeyManager(javax.net.ssl.KeyManager) TrustManager(javax.net.ssl.TrustManager) SslContext(org.apache.activemq.broker.SslContext) Before(org.junit.Before)

Example 59 with KeyManager

use of javax.net.ssl.KeyManager in project tomcat70 by apache.

the class JSSESocketFactory method getKeyManagers.

/**
 * Gets the initialized key managers.
 *
 * <p>The key store is opened with the keystore password. When {@code keyAlias} is given it must
 * name a key entry in that store, otherwise an {@link IOException} is thrown before any key
 * manager is created. The key password comes from the endpoint and falls back to the keystore
 * password when the endpoint has none.
 *
 * <p>With an alias, every key manager returned by the factory is wrapped in a
 * {@code JSSEKeyManager} constructed with that alias (presumably to pin key selection to it;
 * verify against {@code JSSEKeyManager}). For the default keystore type the alias is
 * lower-cased first.
 *
 * <p>NOTE(review): {@code keyPass} is dereferenced without a null check, so this assumes
 * {@code getKeystorePassword()} never returns null when the endpoint has no key password.
 * Confirm.
 *
 * @param keystoreType     key store type, also compared with the default type to decide on
 *                         alias lower-casing
 * @param keystoreProvider provider name passed to {@code getKeystore}
 * @param algorithm        {@link KeyManagerFactory} algorithm name
 * @param keyAlias         alias of the key to use, or {@code null} to leave the factory's key
 *                         managers unwrapped
 * @return the key managers, wrapped per alias when one is given
 * @throws Exception if the store cannot be loaded, the alias is not a key entry, or the
 *                   factory cannot be initialised
 */
protected KeyManager[] getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias) throws Exception {
    String keystorePass = getKeystorePassword();
    KeyStore keyStore = getKeystore(keystoreType, keystoreProvider, keystorePass);

    // Fail early when the requested alias does not refer to a key entry.
    boolean aliasRequested = keyAlias != null;
    if (aliasRequested && !keyStore.isKeyEntry(keyAlias)) {
        throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));
    }

    KeyManagerFactory factory = KeyManagerFactory.getInstance(algorithm);
    String endpointKeyPass = endpoint.getKeyPass();
    String keyPass = (endpointKeyPass == null) ? keystorePass : endpointKeyPass;
    factory.init(keyStore, keyPass.toCharArray());

    KeyManager[] managers = factory.getKeyManagers();
    if (!aliasRequested) {
        return managers;
    }

    // The alias is lower-cased only when the default keystore type is in use.
    String effectiveAlias = JSSESocketFactory.defaultKeystoreType.equals(keystoreType)
            ? keyAlias.toLowerCase(Locale.ENGLISH)
            : keyAlias;
    int index = 0;
    while (index < managers.length) {
        managers[index] = new JSSEKeyManager((X509KeyManager) managers[index], effectiveAlias);
        index++;
    }
    return managers;
}
Also used : X509KeyManager(javax.net.ssl.X509KeyManager) IOException(java.io.IOException) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager) KeyStore(java.security.KeyStore) AbstractEndpoint(org.apache.tomcat.util.net.AbstractEndpoint) KeyManagerFactory(javax.net.ssl.KeyManagerFactory)

Example 60 with KeyManager

use of javax.net.ssl.KeyManager in project k-9 by k9mail.

the class DefaultTrustedSocketFactory method createSocket.

/**
 * Creates a TLS socket for the given host and port, optionally layered over an existing socket.
 *
 * <p>Trust decisions are delegated to the trust manager that {@code trustManagerFactory}
 * returns for this host and port. A client certificate is offered only when
 * {@code clientCertificateAlias} is non-empty, through a {@code KeyChainKeyManager} for that
 * alias. The resulting socket is passed to {@code hardenSocket} and {@code setSniHost} before
 * it is returned.
 *
 * <p>NOTE(review): no endpoint identification algorithm is set on the socket in this method.
 * Hostname matching presumably happens in the per-domain trust manager; confirm against
 * {@code getTrustManagerForDomain}.
 *
 * @param socket                 existing connected socket to wrap, or {@code null} to create a
 *                               new unconnected TLS socket
 * @param host                   server host, used for trust manager lookup and SNI
 * @param port                   server port
 * @param clientCertificateAlias alias of the client certificate, or null/empty for none
 * @return the TLS socket; when wrapping, closing it also closes the underlying socket
 */
public Socket createSocket(Socket socket, String host, int port, String clientCertificateAlias) throws NoSuchAlgorithmException, KeyManagementException, MessagingException, IOException {
    TrustManager domainTrustManager = trustManagerFactory.getTrustManagerForDomain(host, port);
    TrustManager[] trustManagers = { domainTrustManager };

    // Without an alias the context is initialised with no key managers (null).
    KeyManager[] keyManagers = TextUtils.isEmpty(clientCertificateAlias)
            ? null
            : new KeyManager[] { new KeyChainKeyManager(context, clientCertificateAlias) };

    SSLContext tlsContext = SSLContext.getInstance("TLS");
    tlsContext.init(keyManagers, trustManagers, null);
    SSLSocketFactory factory = tlsContext.getSocketFactory();

    // autoClose=true: closing the TLS socket closes the wrapped socket as well.
    Socket result = (socket == null)
            ? factory.createSocket()
            : factory.createSocket(socket, host, port, true);

    SSLSocket tlsSocket = (SSLSocket) result;
    hardenSocket(tlsSocket);
    setSniHost(factory, tlsSocket, host);
    return result;
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) KeyManager(javax.net.ssl.KeyManager) Socket(java.net.Socket) SSLSocket(javax.net.ssl.SSLSocket) TrustManager(javax.net.ssl.TrustManager)

Aggregations

KeyManager (javax.net.ssl.KeyManager)210 SSLContext (javax.net.ssl.SSLContext)127 TrustManager (javax.net.ssl.TrustManager)127 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)103 KeyStore (java.security.KeyStore)95 IOException (java.io.IOException)59 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)59 SecureRandom (java.security.SecureRandom)54 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)54 KeyManagementException (java.security.KeyManagementException)46 X509TrustManager (javax.net.ssl.X509TrustManager)45 KeyStoreException (java.security.KeyStoreException)42 X509KeyManager (javax.net.ssl.X509KeyManager)40 InputStream (java.io.InputStream)33 UnrecoverableKeyException (java.security.UnrecoverableKeyException)32 FileInputStream (java.io.FileInputStream)31 CertificateException (java.security.cert.CertificateException)30 GeneralSecurityException (java.security.GeneralSecurityException)24 X509Certificate (java.security.cert.X509Certificate)23 File (java.io.File)15