Example 46 with SSLContext
use of javax.net.ssl.SSLContext in project spring-boot by spring-projects.
the class UndertowServletWebServerFactory method configureSsl.
private void configureSsl(Ssl ssl, int port, Builder builder) {
try {
SSLContext sslContext = SSLContext.getInstance(ssl.getProtocol());
sslContext.init(getKeyManagers(), getTrustManagers(), null);
builder.addHttpsListener(port, getListenAddress(), sslContext);
builder.setSocketOption(Options.SSL_CLIENT_AUTH_MODE, getSslClientAuthMode(ssl));
if (ssl.getEnabledProtocols() != null) {
builder.setSocketOption(Options.SSL_ENABLED_PROTOCOLS, Sequence.of(ssl.getEnabledProtocols()));
}
if (ssl.getCiphers() != null) {
builder.setSocketOption(Options.SSL_ENABLED_CIPHER_SUITES, Sequence.of(ssl.getCiphers()));
}
} catch (NoSuchAlgorithmException ex) {
throw new IllegalStateException(ex);
} catch (KeyManagementException ex) {
throw new IllegalStateException(ex);
}
}
Also used :
SSLContext(javax.net.ssl.SSLContext)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
KeyManagementException(java.security.KeyManagementException)
Example 47 with SSLContext
use of javax.net.ssl.SSLContext in project camel by apache.
the class JettySolrFactory method installAllTrustingClientSsl.
private static void installAllTrustingClientSsl() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
// // Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) {
}
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
} };
final SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
SSLContext.setDefault(sslContext);
// // Install the all-trusting trust manager
// final SSLContext sslContext = SSLContext.getInstance( "SSL" );
// sslContext.init( null, trustAllCerts, new
// java.security.SecureRandom() );
// // Create an ssl socket factory with our all-trusting manager
// final SSLSocketFactory sslSocketFactory =
// sslContext.getSocketFactory();
// HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
}
Also used :
X509TrustManager(javax.net.ssl.X509TrustManager)
SSLContext(javax.net.ssl.SSLContext)
SSLContextBuilder(org.apache.http.conn.ssl.SSLContextBuilder)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
X509Certificate(java.security.cert.X509Certificate)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
Example 48 with SSLContext
use of javax.net.ssl.SSLContext in project camel by apache.
the class WebsocketSSLContextInUriRouteExampleTest method createAsyncHttpSSLClient.
protected AsyncHttpClient createAsyncHttpSSLClient() throws IOException, GeneralSecurityException {
AsyncHttpClient c;
AsyncHttpClientConfig config;
DefaultAsyncHttpClientConfig.Builder builder = new DefaultAsyncHttpClientConfig.Builder();
SSLContext sslContext = new SSLContextParameters().createSSLContext(context());
JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
builder.setSslContext(ssl);
builder.setAcceptAnyCertificate(true);
config = builder.build();
c = new DefaultAsyncHttpClient(config);
return c;
}
Also used :
JdkSslContext(io.netty.handler.ssl.JdkSslContext)
RouteBuilder(org.apache.camel.builder.RouteBuilder)
AsyncHttpClientConfig(org.asynchttpclient.AsyncHttpClientConfig)
DefaultAsyncHttpClientConfig(org.asynchttpclient.DefaultAsyncHttpClientConfig)
DefaultAsyncHttpClientConfig(org.asynchttpclient.DefaultAsyncHttpClientConfig)
DefaultAsyncHttpClient(org.asynchttpclient.DefaultAsyncHttpClient)
SSLContext(javax.net.ssl.SSLContext)
AsyncHttpClient(org.asynchttpclient.AsyncHttpClient)
DefaultAsyncHttpClient(org.asynchttpclient.DefaultAsyncHttpClient)
SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)
Example 49 with SSLContext
use of javax.net.ssl.SSLContext in project camel by apache.
the class WebsocketSSLRouteExampleTest method createAsyncHttpSSLClient.
protected AsyncHttpClient createAsyncHttpSSLClient() throws IOException, GeneralSecurityException {
AsyncHttpClient c;
AsyncHttpClientConfig config;
DefaultAsyncHttpClientConfig.Builder builder = new DefaultAsyncHttpClientConfig.Builder();
SSLContext sslContext = new SSLContextParameters().createSSLContext(context());
JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
builder.setSslContext(ssl);
builder.setAcceptAnyCertificate(true);
config = builder.build();
c = new DefaultAsyncHttpClient(config);
return c;
}
Also used :
JdkSslContext(io.netty.handler.ssl.JdkSslContext)
RouteBuilder(org.apache.camel.builder.RouteBuilder)
AsyncHttpClientConfig(org.asynchttpclient.AsyncHttpClientConfig)
DefaultAsyncHttpClientConfig(org.asynchttpclient.DefaultAsyncHttpClientConfig)
DefaultAsyncHttpClientConfig(org.asynchttpclient.DefaultAsyncHttpClientConfig)
DefaultAsyncHttpClient(org.asynchttpclient.DefaultAsyncHttpClient)
SSLContext(javax.net.ssl.SSLContext)
AsyncHttpClient(org.asynchttpclient.AsyncHttpClient)
DefaultAsyncHttpClient(org.asynchttpclient.DefaultAsyncHttpClient)
SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)
Example 50 with SSLContext
use of javax.net.ssl.SSLContext in project flink by apache.
the class SSLUtilsTest method testCreateSSLServerContextMisconfiguration.
/**
* Tests if SSL Server Context creation fails with bad SSL configuration
*/
@Test
public void testCreateSSLServerContextMisconfiguration() {
Configuration serverConfig = new Configuration();
serverConfig.setBoolean(ConfigConstants.SECURITY_SSL_ENABLED, true);
serverConfig.setString(ConfigConstants.SECURITY_SSL_KEYSTORE, "src/test/resources/local127.keystore");
serverConfig.setString(ConfigConstants.SECURITY_SSL_KEYSTORE_PASSWORD, "badpassword");
serverConfig.setString(ConfigConstants.SECURITY_SSL_KEY_PASSWORD, "badpassword");
try {
SSLContext serverContext = SSLUtils.createSSLServerContext(serverConfig);
Assert.fail("SSL server context created even with bad SSL configuration ");
} catch (Exception e) {
// Exception here is valid
}
}
Also used :
Configuration(org.apache.flink.configuration.Configuration)
SSLContext(javax.net.ssl.SSLContext)
Test(org.junit.Test)
Aggregations
SSLContext (javax.net.ssl.SSLContext)745
IOException (java.io.IOException)171
TrustManager (javax.net.ssl.TrustManager)139
KeyStore (java.security.KeyStore)130
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)112
SecureRandom (java.security.SecureRandom)110
X509TrustManager (javax.net.ssl.X509TrustManager)107
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)106
KeyManagementException (java.security.KeyManagementException)92
KeyManagerFactory (javax.net.ssl.KeyManagerFactory)92
CertificateException (java.security.cert.CertificateException)84
X509Certificate (java.security.cert.X509Certificate)84
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)69
Test (org.junit.Test)65
SSLSocket (javax.net.ssl.SSLSocket)64
InputStream (java.io.InputStream)59
FileInputStream (java.io.FileInputStream)56
SSLEngine (javax.net.ssl.SSLEngine)54
KeyManager (javax.net.ssl.KeyManager)52
KeyStoreException (java.security.KeyStoreException)45
