Example 36 with SSLPeerUnverifiedException
use of javax.net.ssl.SSLPeerUnverifiedException in project activemq-artemis by apache.
the class CertificateUtil method getCertsFromChannel.
public static X509Certificate[] getCertsFromChannel(Channel channel) {
X509Certificate[] certificates = null;
ChannelHandler channelHandler = channel.pipeline().get("ssl");
if (channelHandler != null && channelHandler instanceof SslHandler) {
SslHandler sslHandler = (SslHandler) channelHandler;
try {
certificates = sslHandler.engine().getSession().getPeerCertificateChain();
} catch (SSLPeerUnverifiedException e) {
// ignore
}
}
return certificates;
}
Also used :
SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)
ChannelHandler(io.netty.channel.ChannelHandler)
X509Certificate(javax.security.cert.X509Certificate)
SslHandler(io.netty.handler.ssl.SslHandler)
Example 37 with SSLPeerUnverifiedException
use of javax.net.ssl.SSLPeerUnverifiedException in project activemq-artemis by apache.
the class CertificateUtil method getPeerPrincipalFromConnection.
public static Principal getPeerPrincipalFromConnection(RemotingConnection remotingConnection) {
Principal result = null;
if (remotingConnection != null) {
Connection transportConnection = remotingConnection.getTransportConnection();
if (transportConnection instanceof NettyConnection) {
NettyConnection nettyConnection = (NettyConnection) transportConnection;
ChannelHandler channelHandler = nettyConnection.getChannel().pipeline().get("ssl");
if (channelHandler != null && channelHandler instanceof SslHandler) {
SslHandler sslHandler = (SslHandler) channelHandler;
try {
result = sslHandler.engine().getSession().getPeerPrincipal();
} catch (SSLPeerUnverifiedException ignored) {
}
}
}
}
return result;
}
Also used :
NettyConnection(org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection)
SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)
Connection(org.apache.activemq.artemis.spi.core.remoting.Connection)
NettyConnection(org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection)
RemotingConnection(org.apache.activemq.artemis.spi.core.protocol.RemotingConnection)
ChannelHandler(io.netty.channel.ChannelHandler)
Principal(java.security.Principal)
SslHandler(io.netty.handler.ssl.SslHandler)
Example 38 with SSLPeerUnverifiedException
use of javax.net.ssl.SSLPeerUnverifiedException in project okhttp by square.
the class CertificateChainCleanerTest method chainTooLong.
@Test
public void chainTooLong() {
List<HeldCertificate> heldCertificates = chainOfLength(11);
List<Certificate> certificates = new ArrayList<>();
for (HeldCertificate heldCertificate : heldCertificates) {
certificates.add(heldCertificate.certificate());
}
X509Certificate root = heldCertificates.get(heldCertificates.size() - 1).certificate();
CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root);
try {
cleaner.clean(certificates, "hostname");
fail();
} catch (SSLPeerUnverifiedException expected) {
}
}
Also used :
SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)
HeldCertificate(okhttp3.tls.HeldCertificate)
ArrayList(java.util.ArrayList)
X509Certificate(java.security.cert.X509Certificate)
CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
HeldCertificate(okhttp3.tls.HeldCertificate)
Test(org.junit.jupiter.api.Test)
Example 39 with SSLPeerUnverifiedException
use of javax.net.ssl.SSLPeerUnverifiedException in project okhttp by square.
the class CertificateChainCleanerTest method normalizeUnknownSelfSignedCertificate.
@Test
public void normalizeUnknownSelfSignedCertificate() {
HeldCertificate root = new HeldCertificate.Builder().serialNumber(1L).build();
CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get();
try {
cleaner.clean(list(root), "hostname");
fail();
} catch (SSLPeerUnverifiedException expected) {
}
}
Also used :
SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)
HeldCertificate(okhttp3.tls.HeldCertificate)
CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner)
Test(org.junit.jupiter.api.Test)
Example 40 with SSLPeerUnverifiedException
use of javax.net.ssl.SSLPeerUnverifiedException in project okhttp by square.
the class ConnectionCoalescingTest method skipsOnRedirectWhenCertificatePinningFails.
@Test
public void skipsOnRedirectWhenCertificatePinningFails() throws Exception {
CertificatePinner pinner = new CertificatePinner.Builder().add("san.com", "sha1/afwiKY3RxoMmLkuRW1l7QsPZTJPwDS2pdDROQjXw8ig=").build();
client = client.newBuilder().certificatePinner(pinner).build();
server.enqueue(new MockResponse().setResponseCode(301).addHeader("Location", url.newBuilder().host("san.com").build()));
server.enqueue(new MockResponse());
try {
execute(url);
fail("expected a failed attempt to connect");
} catch (SSLPeerUnverifiedException expected) {
}
}
Also used :
MockResponse(mockwebserver3.MockResponse)
SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)
Test(org.junit.jupiter.api.Test)
Aggregations
SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)109
X509Certificate (java.security.cert.X509Certificate)40
Certificate (java.security.cert.Certificate)39
SSLSession (javax.net.ssl.SSLSession)27
SSLSocket (javax.net.ssl.SSLSocket)23
IOException (java.io.IOException)18
CertificateException (java.security.cert.CertificateException)14
SSLException (javax.net.ssl.SSLException)14
X509Certificate (javax.security.cert.X509Certificate)12
Principal (java.security.Principal)11
Test (org.junit.jupiter.api.Test)11
Test (org.junit.Test)8
InetSocketAddress (java.net.InetSocketAddress)7
SSLHandshakeException (javax.net.ssl.SSLHandshakeException)7
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)7
CertificateEncodingException (java.security.cert.CertificateEncodingException)6
HttpsURLConnection (javax.net.ssl.HttpsURLConnection)6
MockResponse (mockwebserver3.MockResponse)6
Request (okhttp3.Request)6
UnknownHostException (java.net.UnknownHostException)5
