Examples with TrustManager javax.net.ssl.TrustManager used on opensource projects

Example 76 with TrustManager

use of javax.net.ssl.TrustManager in project ddf by codice.

the class AuthSSLProtocolSocketFactory method createTrustManagers.

private static TrustManager[] createTrustManagers(final KeyStore keystore) throws KeyStoreException, NoSuchAlgorithmException {
    if (keystore == null) {
        throw new IllegalArgumentException("Keystore may not be null");
    }
    LOG.debug("Initializing trust manager");
    TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmfactory.init(keystore);
    TrustManager[] trustmanagers = tmfactory.getTrustManagers();
    for (int i = 0; i < trustmanagers.length; i++) {
        if (trustmanagers[i] instanceof X509TrustManager) {
            trustmanagers[i] = new AuthSSLX509TrustManager((X509TrustManager) trustmanagers[i]);
        }
    }
    return trustmanagers;
}

Example 77 with TrustManager

use of javax.net.ssl.TrustManager in project bnd by bndtools.

the class HttpsUtil method disableServerVerification.

static void disableServerVerification(URLConnection connection) throws GeneralSecurityException {
    if (!(connection instanceof HttpsURLConnection))
        return;
    HttpsURLConnection httpsConnection = (HttpsURLConnection) connection;
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
        }
    } };
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, trustAllCerts, new SecureRandom());
    SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
    httpsConnection.setSSLSocketFactory(sslSocketFactory);
    HostnameVerifier trustAnyHost = new HostnameVerifier() {

        public boolean verify(String string, SSLSession session) {
            return true;
        }
    };
    httpsConnection.setHostnameVerifier(trustAnyHost);
}

Example 78 with TrustManager

use of javax.net.ssl.TrustManager in project BBS-Android by bdpqchen.

the class RxDoHttpClient method getUnsafeOkHttpClient.

public static OkHttpClient.Builder getUnsafeOkHttpClient() {
    try {
        // Create a trust manager that does not validate certificate chains
        final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return new java.security.cert.X509Certificate[] {};
            }
        } };
        // Install the all-trusting trust manager
        final SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
        // Create an ssl socket factory with our all-trusting manager
        final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
        OkHttpClient.Builder okHttpClient = new OkHttpClient.Builder();
        okHttpClient.sslSocketFactory(sslSocketFactory);
        okHttpClient.protocols(Collections.singletonList(Protocol.HTTP_1_1));
        okHttpClient.hostnameVerifier((hostname, session) -> true);
        return okHttpClient;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}

Example 79 with TrustManager

use of javax.net.ssl.TrustManager in project jabref by JabRef.

the class URLDownload method bypassSSLVerification.

/**
     * Older java VMs does not automatically trust the zbMATH certificate. In this case the following exception is
     * thrown: sun.security.validator.ValidatorException: PKIX path building failed:
     * sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested
     * target JM > 8u101 may trust the certificate by default according to http://stackoverflow.com/a/34111150/873661
     *
     * We will fix this issue by accepting all (!) certificates. This is ugly; but as JabRef does not rely on
     * security-relevant information this is kind of OK (no, actually it is not...).
     *
     * Taken from http://stackoverflow.com/a/6055903/873661
     */
public static void bypassSSLVerification() {
    LOGGER.warn("Fix SSL exceptions by accepting ALL certificates");
    // Create a trust manager that does not validate certificate chains
    TrustManager[] trustAllCerts = { new X509TrustManager() {

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    } };
    // Install the all-trusting trust manager
    try {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
    } catch (Exception e) {
        LOGGER.error("A problem occurred when bypassing SSL verification", e);
    }
}

Example 80 with TrustManager

use of javax.net.ssl.TrustManager in project opennms by OpenNMS.

the class TsrmTicketerPlugin method getService.

private SHSIMPINCPortType getService() {
    final SHSIMPINC service = new SHSIMPINC();
    port = service.getSHSIMPINCSOAP12Port();
    final Client cxfClient = ClientProxy.getClient(port);
    try {
        cxfClient.getRequestContext().put(Message.ENDPOINT_ADDRESS, getProperties().getProperty("tsrm.url"));
        final HTTPConduit http = (HTTPConduit) cxfClient.getConduit();
        String stictSSL = getProperties().getProperty("tsrm.ssl.strict");
        if (!Boolean.parseBoolean(stictSSL)) {
            LOG.debug("Disabling strict SSL checking.");
            // Accept all certificates
            final TrustManager[] simpleTrustManager = new TrustManager[] { new AnyServerX509TrustManager() };
            final TLSClientParameters tlsParams = new TLSClientParameters();
            tlsParams.setTrustManagers(simpleTrustManager);
            tlsParams.setDisableCNCheck(true);
            http.setTlsClientParameters(tlsParams);
        }
    } catch (IOException e) {
        LOG.error("Unable to load tsrm properties ", e);
    }
    // Log incoming and outgoing requests
    LoggingInInterceptor loggingInInterceptor = new LoggingInInterceptor();
    loggingInInterceptor.setPrettyLogging(true);
    cxfClient.getInInterceptors().add(loggingInInterceptor);
    LoggingOutInterceptor loggingOutInterceptor = new LoggingOutInterceptor();
    loggingOutInterceptor.setPrettyLogging(true);
    cxfClient.getOutInterceptors().add(loggingOutInterceptor);
    return port;
}