Example 26 with TrustManager
use of javax.net.ssl.TrustManager in project OpenAttestation by OpenAttestation.
the class X509Util method createX509TrustManagerWithCertificates.
/**
*
* @deprecated use TlsPolicy instead
* @param certificates
* @return
* @throws KeyManagementException
*/
public static X509TrustManager createX509TrustManagerWithCertificates(X509Certificate[] certificates) throws KeyManagementException {
try {
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(KeyStoreUtil.createTrustedSslKeystore(certificates));
TrustManager[] tms = tmf.getTrustManagers();
for (TrustManager tm : tms) {
if (tm instanceof X509TrustManager) {
return (X509TrustManager) tm;
}
}
} catch (NoSuchAlgorithmException | IOException | CertificateException | UnrecoverableEntryException | KeyStoreException e) {
throw new KeyManagementException("Cannot create X509TrustManager", e);
}
throw new IllegalArgumentException("TrustManagerFactory did not return an X509TrustManager instance");
}
Also used :
X509TrustManager(javax.net.ssl.X509TrustManager)
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
UnrecoverableEntryException(java.security.UnrecoverableEntryException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
IOException(java.io.IOException)
KeyStoreException(java.security.KeyStoreException)
KeyManagementException(java.security.KeyManagementException)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
Example 27 with TrustManager
use of javax.net.ssl.TrustManager in project OpenGrok by OpenGrok.
the class Query method createHttpsUrlConnection.
private HttpsURLConnection createHttpsUrlConnection(URL url) {
try {
System.setProperty("jsse.enableSNIExtension", "false");
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
return (HttpsURLConnection) url.openConnection();
} catch (Exception ex) {
handleException(ex);
}
return null;
}
Also used :
SSLSession(javax.net.ssl.SSLSession)
SSLContext(javax.net.ssl.SSLContext)
ParseException(org.json.simple.parser.ParseException)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
X509TrustManager(javax.net.ssl.X509TrustManager)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
Example 28 with TrustManager
use of javax.net.ssl.TrustManager in project languagetool by languagetool-org.
the class HTTPTools method disableCertChecks.
/**
* For testing, we disable all checks because we use a self-signed certificate on the server
* side and we want this test to run everywhere without importing the certificate into the JVM's trust store.
*
* See http://stackoverflow.com/questions/2893819/telling-java-to-accept-self-signed-ssl-certificate
*/
static void disableCertChecks() throws NoSuchAlgorithmException, KeyManagementException {
TrustManager[] trustAllCerts = { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
Also used :
X509TrustManager(javax.net.ssl.X509TrustManager)
SecureRandom(java.security.SecureRandom)
SSLContext(javax.net.ssl.SSLContext)
X509Certificate(java.security.cert.X509Certificate)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
Example 29 with TrustManager
use of javax.net.ssl.TrustManager in project jfinal by jfinal.
the class HttpKit method initSSLSocketFactory.
private static SSLSocketFactory initSSLSocketFactory() {
try {
TrustManager[] tm = { new HttpKit().new TrustAnyTrustManager() };
// ("TLS", "SunJSSE");
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tm, new java.security.SecureRandom());
return sslContext.getSocketFactory();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
Also used :
SSLContext(javax.net.ssl.SSLContext)
IOException(java.io.IOException)
KeyManagementException(java.security.KeyManagementException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
NoSuchProviderException(java.security.NoSuchProviderException)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
Example 30 with TrustManager
use of javax.net.ssl.TrustManager in project okhttp-OkGo by jeasonlzy.
the class HttpsUtils method getSslSocketFactory.
public static SSLParams getSslSocketFactory(X509TrustManager trustManager, InputStream bksFile, String password, InputStream[] certificates) {
SSLParams sslParams = new SSLParams();
try {
KeyManager[] keyManagers = prepareKeyManager(bksFile, password);
TrustManager[] trustManagers = prepareTrustManager(certificates);
X509TrustManager manager;
if (trustManager != null) {
//优先使用用户自定义的TrustManager
manager = trustManager;
} else if (trustManagers != null) {
//然后使用默认的TrustManager
manager = chooseTrustManager(trustManagers);
} else {
//否则使用不安全的TrustManager
manager = UnSafeTrustManager;
}
// 创建TLS类型的SSLContext对象, that uses our TrustManager
SSLContext sslContext = SSLContext.getInstance("TLS");
// 用上面得到的trustManagers初始化SSLContext,这样sslContext就会信任keyStore中的证书
// 第一个参数是授权的密钥管理器,用来授权验证,比如授权自签名的证书验证。第二个是被授权的证书管理器,用来验证服务器端的证书
sslContext.init(keyManagers, new TrustManager[] { manager }, null);
// 通过sslContext获取SSLSocketFactory对象
sslParams.sSLSocketFactory = sslContext.getSocketFactory();
sslParams.trustManager = manager;
return sslParams;
} catch (NoSuchAlgorithmException e) {
throw new AssertionError(e);
} catch (KeyManagementException e) {
throw new AssertionError(e);
}
}
Also used :
X509TrustManager(javax.net.ssl.X509TrustManager)
SSLContext(javax.net.ssl.SSLContext)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
KeyManager(javax.net.ssl.KeyManager)
KeyManagementException(java.security.KeyManagementException)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
Aggregations
TrustManager (javax.net.ssl.TrustManager)229
SSLContext (javax.net.ssl.SSLContext)139
X509TrustManager (javax.net.ssl.X509TrustManager)139
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)90
X509Certificate (java.security.cert.X509Certificate)70
IOException (java.io.IOException)60
KeyStore (java.security.KeyStore)60
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)60
SecureRandom (java.security.SecureRandom)58
KeyManagementException (java.security.KeyManagementException)54
KeyManager (javax.net.ssl.KeyManager)52
CertificateException (java.security.cert.CertificateException)43
KeyStoreException (java.security.KeyStoreException)37
KeyManagerFactory (javax.net.ssl.KeyManagerFactory)34
HostnameVerifier (javax.net.ssl.HostnameVerifier)23
URL (java.net.URL)22
GeneralSecurityException (java.security.GeneralSecurityException)22
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)20
InputStream (java.io.InputStream)18
FileInputStream (java.io.FileInputStream)16
