Example 51 with X509TrustManager
use of javax.net.ssl.X509TrustManager in project zm-mailbox by Zimbra.
the class SSLUtil method getDummySSLContext.
/**
* Returns an SSLContext that can be used to create SSL connections without
* certificates. This is obviously insecure and should only be used for
* testing.
*
* @return an SSLContext that trusts all certificates
*/
public static SSLContext getDummySSLContext() {
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] cert, String authType) {
// trust all certs
}
public void checkServerTrusted(X509Certificate[] cert, String authType) {
// trust all certs
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { tm }, null);
return sc;
} catch (Exception e) {
throw new IllegalStateException("Could not create SSL context", e);
}
}
Also used :
X509TrustManager(javax.net.ssl.X509TrustManager)
SSLContext(javax.net.ssl.SSLContext)
X509Certificate(java.security.cert.X509Certificate)
X509TrustManager(javax.net.ssl.X509TrustManager)
TrustManager(javax.net.ssl.TrustManager)
Example 52 with X509TrustManager
use of javax.net.ssl.X509TrustManager in project maven-plugins by apache.
the class ProjectInfoReportUtils method getURLConnection.
/**
* @param url not null
* @param project not null
* @param settings not null
* @return the url connection with auth if required. Don't check the certificate if SSL scheme.
* @throws IOException if any
*/
private static URLConnection getURLConnection(URL url, MavenProject project, Settings settings) throws IOException {
URLConnection conn = url.openConnection();
conn.setConnectTimeout(TIMEOUT);
conn.setReadTimeout(TIMEOUT);
//@formatter:off
if (settings.getServers() != null && !settings.getServers().isEmpty() && project != null && project.getDistributionManagement() != null && (project.getDistributionManagement().getRepository() != null || project.getDistributionManagement().getSnapshotRepository() != null) && (StringUtils.isNotEmpty(project.getDistributionManagement().getRepository().getUrl()) || StringUtils.isNotEmpty(project.getDistributionManagement().getSnapshotRepository().getUrl()))) //@formatter:on
{
Server server = null;
if (url.toString().contains(project.getDistributionManagement().getRepository().getUrl())) {
server = settings.getServer(project.getDistributionManagement().getRepository().getId());
}
if (server == null && url.toString().contains(project.getDistributionManagement().getSnapshotRepository().getUrl())) {
server = settings.getServer(project.getDistributionManagement().getSnapshotRepository().getId());
}
if (server != null && StringUtils.isNotEmpty(server.getUsername()) && StringUtils.isNotEmpty(server.getPassword())) {
String up = server.getUsername().trim() + ":" + server.getPassword().trim();
String upEncoded = new String(Base64.encodeBase64Chunked(up.getBytes())).trim();
conn.setRequestProperty("Authorization", "Basic " + upEncoded);
}
}
if (conn instanceof HttpsURLConnection) {
HostnameVerifier hostnameverifier = new HostnameVerifier() {
/** {@inheritDoc} */
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
};
((HttpsURLConnection) conn).setHostnameVerifier(hostnameverifier);
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
/** {@inheritDoc} */
public void checkClientTrusted(final X509Certificate[] chain, final String authType) {
}
/** {@inheritDoc} */
public void checkServerTrusted(final X509Certificate[] chain, final String authType) {
}
/** {@inheritDoc} */
public X509Certificate[] getAcceptedIssuers() {
return null;
}
} };
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new SecureRandom());
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
((HttpsURLConnection) conn).setSSLSocketFactory(sslSocketFactory);
} catch (NoSuchAlgorithmException e1) {
// ignore
} catch (KeyManagementException e) {
// ignore
}
}
return conn;
}
Also used :
Server(org.apache.maven.settings.Server)
SSLSession(javax.net.ssl.SSLSession)
SecureRandom(java.security.SecureRandom)
SSLContext(javax.net.ssl.SSLContext)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
URLConnection(java.net.URLConnection)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
X509Certificate(java.security.cert.X509Certificate)
KeyManagementException(java.security.KeyManagementException)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
SSLSocketFactory(javax.net.ssl.SSLSocketFactory)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
Example 53 with X509TrustManager
use of javax.net.ssl.X509TrustManager in project cloudstack by apache.
the class HttpClientWrapper method wrapClient.
public static HttpClient wrapClient(HttpClient base) {
try {
SSLContext ctx = SSLUtils.getSSLContext();
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
X509HostnameVerifier verifier = new X509HostnameVerifier() {
@Override
public void verify(String string, SSLSocket ssls) throws IOException {
}
@Override
public void verify(String string, X509Certificate xc) throws SSLException {
}
@Override
public void verify(String string, String[] strings, String[] strings1) throws SSLException {
}
@Override
public boolean verify(String string, SSLSession ssls) {
return true;
}
};
ctx.init(null, new TrustManager[] { tm }, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx);
ssf.setHostnameVerifier(verifier);
ClientConnectionManager ccm = base.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", ssf, 443));
return new DefaultHttpClient(ccm, base.getParams());
} catch (Exception ex) {
ex.printStackTrace();
return null;
}
}
Also used :
Scheme(org.apache.http.conn.scheme.Scheme)
SSLSocket(javax.net.ssl.SSLSocket)
SSLSession(javax.net.ssl.SSLSession)
SSLContext(javax.net.ssl.SSLContext)
ClientConnectionManager(org.apache.http.conn.ClientConnectionManager)
X509Certificate(java.security.cert.X509Certificate)
DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
SSLException(javax.net.ssl.SSLException)
X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier)
X509TrustManager(javax.net.ssl.X509TrustManager)
SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry)
SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)
Example 54 with X509TrustManager
use of javax.net.ssl.X509TrustManager in project cubrid-manager by CUBRID.
the class ClientHttp method setUpConnection.
/**
* Set up a http client
*
* @throws UnknownHostException a possible exception
* @throws IOException a possible exception
*/
private void setUpConnection() {
tearDownConnection();
this.requestUrl = "https://" + hostAddress + ":" + port + METHOD;
// support https
try {
// KeyStore trustStore =
// KeyStore.getInstance(KeyStore.getDefaultType());
// instream = new FileInputStream(new File("cm.keystore"));
// trustStore.load(instream, "admin1".toCharArray());
// SSLSocketFactory socketFactory = new
// SSLSocketFactory(trustStore);
// Scheme sch = new Scheme("https", 443, socketFactory);
// this.httpClient.getConnectionManager().getSchemeRegistry().register(sch);
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, new TrustManager[] { tm }, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
URL url = new URL(requestUrl);
conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setConnectTimeout(timeout);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "application/json");
} catch (Exception e) {
LOGGER.error("Make to support HTTPS failed.", e);
}
}
Also used :
X509TrustManager(javax.net.ssl.X509TrustManager)
SSLSession(javax.net.ssl.SSLSession)
SecureRandom(java.security.SecureRandom)
SSLContext(javax.net.ssl.SSLContext)
X509Certificate(java.security.cert.X509Certificate)
URL(java.net.URL)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnknownHostException(java.net.UnknownHostException)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
Example 55 with X509TrustManager
use of javax.net.ssl.X509TrustManager in project cloudstack by apache.
the class NexentaNmsClient method getHttpsClient.
protected DefaultHttpClient getHttpsClient() {
try {
SSLContext sslContext = SSLUtils.getSSLContext();
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, new SecureRandom());
SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("https", nmsUrl.getPort(), socketFactory));
BasicClientConnectionManager mgr = new BasicClientConnectionManager(registry);
return new DefaultHttpClient(mgr);
} catch (NoSuchAlgorithmException ex) {
throw new CloudRuntimeException(ex.getMessage());
} catch (KeyManagementException ex) {
throw new CloudRuntimeException(ex.getMessage());
}
}
Also used :
Scheme(org.apache.http.conn.scheme.Scheme)
SecureRandom(java.security.SecureRandom)
SSLContext(javax.net.ssl.SSLContext)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
X509Certificate(java.security.cert.X509Certificate)
DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient)
KeyManagementException(java.security.KeyManagementException)
X509TrustManager(javax.net.ssl.X509TrustManager)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry)
BasicClientConnectionManager(org.apache.http.impl.conn.BasicClientConnectionManager)
SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)
Aggregations
X509TrustManager (javax.net.ssl.X509TrustManager)183
TrustManager (javax.net.ssl.TrustManager)114
X509Certificate (java.security.cert.X509Certificate)96
SSLContext (javax.net.ssl.SSLContext)88
CertificateException (java.security.cert.CertificateException)54
IOException (java.io.IOException)50
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)45
SecureRandom (java.security.SecureRandom)44
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)32
KeyManagementException (java.security.KeyManagementException)28
Test (org.junit.Test)21
HostnameVerifier (javax.net.ssl.HostnameVerifier)19
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)19
KeyStore (java.security.KeyStore)17
GeneralSecurityException (java.security.GeneralSecurityException)15
SSLSession (javax.net.ssl.SSLSession)15
KeyStoreException (java.security.KeyStoreException)14
SSLException (javax.net.ssl.SSLException)14
URL (java.net.URL)11
OkHttpClient (okhttp3.OkHttpClient)10
