
Example 81 with X509TrustManager

use of javax.net.ssl.X509TrustManager in project cxf by apache.

the class CipherSuitesTest method testAESIncludedTLSv11.

// Both client + server include AES, client is TLSv1.1
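/**
 * Invokes {@code greetMe} over HTTPS with the client pinned to TLSv1.1.
 *
 * <p>Security note: the client is given a {@code NoOpX509TrustManager} (defined elsewhere;
 * presumably it accepts any certificate - confirm) and hostname checking is switched off
 * with {@code setDisableCNCheck(true)}. The server is therefore not authenticated, which is
 * tolerable only against a local test endpoint. Do not reuse this client setup outside tests.
 */
@org.junit.Test
public void testAESIncludedTLSv11() throws Exception {
    // Doesn't work with IBM JDK
    if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
        return;
    }
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml");
    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        URL url = SOAPService.WSDL_LOCATION;
        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
        assertNotNull("Service is null", service);
        final Greeter port = service.getHttpsPort();
        assertNotNull("Port is null", port);
        try {
            updateAddressPort(port, PORT);
            Client client = ClientProxy.getClient(port);
            HTTPConduit conduit = (HTTPConduit) client.getConduit();
            TLSClientParameters tlsParams = new TLSClientParameters();
            // Test-only: replaces certificate validation with the no-op trust manager.
            X509TrustManager trustManager = new NoOpX509TrustManager();
            TrustManager[] trustManagers = new TrustManager[1];
            trustManagers[0] = trustManager;
            tlsParams.setTrustManagers(trustManagers);
            // Test-only: the certificate name is not compared with the endpoint host name.
            tlsParams.setDisableCNCheck(true);
            // TLSv1.1 is deprecated (RFC 8996); it is pinned here because this test targets
            // that protocol version. NOTE(review): JDKs that disable TLSv1.1 by default may
            // need it re-enabled for this test to run - confirm on the target JDK.
            tlsParams.setSecureSocketProtocol("TLSv1.1");
            conduit.setTlsClientParameters(tlsParams);
            // Expected value first, so a failure message reports the two sides correctly.
            assertEquals("Hello Kitty", port.greetMe("Kitty"));
        } finally {
            // Release the proxy even when the invocation or the assertion fails.
            ((java.io.Closeable) port).close();
        }
    } finally {
        // The bus was installed as the default bus above; always shut it down so a failing
        // test does not leave it behind for later tests.
        bus.shutdown(true);
    }
}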
Also used : SOAPService(org.apache.hello_world.services.SOAPService) Bus(org.apache.cxf.Bus) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) URL(java.net.URL) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) X509TrustManager(javax.net.ssl.X509TrustManager) Greeter(org.apache.hello_world.Greeter) Client(org.apache.cxf.endpoint.Client)

Example 82 with X509TrustManager

use of javax.net.ssl.X509TrustManager in project cxf by apache.

the class TrustManagerTest method testValidServerCertX509TrustManager2.

// Here the Trust Manager checks the server cert. this time we are invoking on the
// service that is configured in code (not by spring)
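/**
 * Invokes {@code greetMe} over HTTPS on {@code PORT3} with TLS parameters that are set in
 * code and use a {@code ServerCertX509TrustManager} built from the expected subject name.
 *
 * <p>Security note: {@code setDisableCNCheck(true)} switches off hostname checking, so the
 * server's identity rests on the custom trust manager alone. {@code ServerCertX509TrustManager}
 * is defined elsewhere; presumably it compares the server certificate's subject with the given
 * name. NOTE(review): a subject-name comparison is not chain validation - confirm what the
 * trust manager actually checks before using this pattern outside tests.
 */
@org.junit.Test
public void testValidServerCertX509TrustManager2() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = TrustManagerTest.class.getResource("client-trust.xml");
    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        URL url = SOAPService.WSDL_LOCATION;
        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
        assertNotNull("Service is null", service);
        final Greeter port = service.getHttpsPort();
        assertNotNull("Port is null", port);
        try {
            updateAddressPort(port, PORT3);
            // Subject name the test expects on the server certificate.
            String validPrincipalName = "CN=Bethal,OU=Bethal,O=ApacheTest,L=Syracuse,C=US";
            TLSClientParameters tlsParams = new TLSClientParameters();
            X509TrustManager trustManager = new ServerCertX509TrustManager(validPrincipalName);
            TrustManager[] trustManagers = new TrustManager[1];
            trustManagers[0] = trustManager;
            tlsParams.setTrustManagers(trustManagers);
            // Test-only: the certificate name is not compared with the endpoint host name.
            tlsParams.setDisableCNCheck(true);
            Client client = ClientProxy.getClient(port);
            HTTPConduit http = (HTTPConduit) client.getConduit();
            http.setTlsClientParameters(tlsParams);
            // Expected value first, so a failure message reports the two sides correctly.
            assertEquals("Hello Kitty", port.greetMe("Kitty"));
        } finally {
            // Release the proxy even when the invocation or the assertion fails.
            ((java.io.Closeable) port).close();
        }
    } finally {
        // The bus was installed as the default bus above; always shut it down so a failing
        // test does not leave it behind for later tests.
        bus.shutdown(true);
    }
}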
Also used : SOAPService(org.apache.hello_world.services.SOAPService) Bus(org.apache.cxf.Bus) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) URL(java.net.URL) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) X509TrustManager(javax.net.ssl.X509TrustManager) Greeter(org.apache.hello_world.Greeter) Client(org.apache.cxf.endpoint.Client)

Example 83 with X509TrustManager

use of javax.net.ssl.X509TrustManager in project cxf by apache.

the class TrustManagerTest method testValidServerCertX509TrustManager.

// Here the Trust Manager checks the server cert
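/**
 * Invokes {@code greetMe} over HTTPS on {@code PORT} using a
 * {@code ServerCertX509TrustManager} built from the expected subject name.
 *
 * <p>Security note: hostname checking is switched off with {@code setDisableCNCheck(true)},
 * so only the custom trust manager stands between the client and an unexpected server.
 * {@code ServerCertX509TrustManager} is defined elsewhere; presumably it matches the server
 * certificate's subject against the given name. NOTE(review): confirm whether it also
 * validates the certificate chain; a subject match alone does not authenticate a peer.
 */
@org.junit.Test
public void testValidServerCertX509TrustManager() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = TrustManagerTest.class.getResource("client-trust.xml");
    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        URL url = SOAPService.WSDL_LOCATION;
        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
        assertNotNull("Service is null", service);
        final Greeter port = service.getHttpsPort();
        assertNotNull("Port is null", port);
        try {
            updateAddressPort(port, PORT);
            // Subject name the test expects on the server certificate.
            String validPrincipalName = "CN=Bethal,OU=Bethal,O=ApacheTest,L=Syracuse,C=US";
            TLSClientParameters tlsParams = new TLSClientParameters();
            X509TrustManager trustManager = new ServerCertX509TrustManager(validPrincipalName);
            TrustManager[] trustManagers = new TrustManager[1];
            trustManagers[0] = trustManager;
            tlsParams.setTrustManagers(trustManagers);
            // Test-only: the certificate name is not compared with the endpoint host name.
            tlsParams.setDisableCNCheck(true);
            Client client = ClientProxy.getClient(port);
            HTTPConduit http = (HTTPConduit) client.getConduit();
            http.setTlsClientParameters(tlsParams);
            // Expected value first, so a failure message reports the two sides correctly.
            assertEquals("Hello Kitty", port.greetMe("Kitty"));
        } finally {
            // Release the proxy even when the invocation or the assertion fails.
            ((java.io.Closeable) port).close();
        }
    } finally {
        // The bus was installed as the default bus above; always shut it down so a failing
        // test does not leave it behind for later tests.
        bus.shutdown(true);
    }
}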
Also used : SOAPService(org.apache.hello_world.services.SOAPService) Bus(org.apache.cxf.Bus) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) URL(java.net.URL) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) X509TrustManager(javax.net.ssl.X509TrustManager) Greeter(org.apache.hello_world.Greeter) Client(org.apache.cxf.endpoint.Client)

Example 84 with X509TrustManager

use of javax.net.ssl.X509TrustManager in project Payara by payara.

the class ConnectionManager method getSecureConnection.

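/**
 * Creates an HTTPS connection to the load balancer.
 * Note that the connection is built with a trust manager that does not validate
 * certificate chains.
 * @param contextRoot context root that will be used in constructing the URL
 * @throws java.io.IOException if the load balancer host or port is not configured, or if
 *         the connection cannot be set up
 * @return HTTPS connection to the load balancer.
 */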
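private HttpsURLConnection getSecureConnection(String contextRoot) throws IOException {
    // Fail fast when the load balancer endpoint has not been configured.
    if (_lbHost == null || _lbPort == null) {
        String msg = LbLogUtil.getStringManager().getString("LbDeviceNotConfigured", _lbName);
        throw new IOException(msg);
    }
    HttpsURLConnection conn = null;
    try {
        // ---------------------------------
        // SECURITY NOTE(review): this trust manager accepts every certificate chain, so the
        // load balancer is never authenticated and the TLS session gives no protection
        // against an impersonating endpoint. Because key managers are also passed to
        // SSLContext.init below, client credentials may be offered to that unverified peer.
        // The usual remedy is to validate against a configured trust store (for example
        // trust managers obtained from a TrustManagerFactory); it is left unchanged here
        // because deployments may rely on self-signed load balancer certificates.
        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract asks for a non-null (possibly empty) array.
                return new java.security.cert.X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                // Intentionally empty: never throws, so every client chain is accepted.
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                // Intentionally empty: never throws, so every server chain is accepted.
            }
        } };
        // Build an SSL context from the server's key managers and the all-trusting manager.
        SSLContext sc = SSLContext.getInstance(TLS);
        ServiceLocator habitat = Globals.getDefaultHabitat();
        SSLUtils sslUtils = habitat.getService(SSLUtils.class);
        sc.init(sslUtils.getKeyManagers(), trustAllCerts, new java.security.SecureRandom());
        // ---------------------------------
        URL url = new URL(HTTPS_PROTOCOL, _lbHost, Integer.parseInt(_lbPort), contextRoot);
        if (_lbProxyHost != null && _lbProxyPort != null) {
            // Route the request through the configured HTTP proxy.
            Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(_lbProxyHost, Integer.parseInt(_lbProxyPort)));
            conn = (HttpsURLConnection) url.openConnection(proxy);
        } else {
            conn = (HttpsURLConnection) url.openConnection();
        }
        // The relaxed socket factory is scoped to this connection only.
        conn.setSSLSocketFactory(sc.getSocketFactory());
        HostnameVerifier hnv = new SSLHostNameVerifier();
        // setDefaultHostnameVerifier is static: it replaces the JVM-wide default verifier
        // rather than the verifier of this connection. It is written with the class name
        // here to make that visible; behaviour is unchanged.
        // NOTE(review): conn was opened before this call - confirm whether
        // conn.setHostnameVerifier(hnv) was intended instead of a global change.
        HttpsURLConnection.setDefaultHostnameVerifier(hnv);
    } catch (Exception e) {
        // Any setup failure (TLS context, port parsing, opening the connection) is reported
        // as an IOException with the original exception kept as the cause.
        throw new IOException(e.getMessage(), e);
    }
    return conn;
}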
Also used : InetSocketAddress(java.net.InetSocketAddress) IOException(java.io.IOException) SSLContext(javax.net.ssl.SSLContext) URL(java.net.URL) IOException(java.io.IOException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) HostnameVerifier(javax.net.ssl.HostnameVerifier) ServiceLocator(org.glassfish.hk2.api.ServiceLocator) Proxy(java.net.Proxy) X509TrustManager(javax.net.ssl.X509TrustManager) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) SSLUtils(com.sun.enterprise.security.ssl.SSLUtils)

Example 85 with X509TrustManager

use of javax.net.ssl.X509TrustManager in project Payara by payara.

the class JSFTest method disableCertValidation.

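/**
 * Replaces the JVM-wide default HTTPS socket factory with one whose trust manager accepts
 * any certificate chain.
 *
 * <p>Security note: the change is made through
 * {@code HttpsURLConnection.setDefaultSSLSocketFactory}, so it affects every
 * {@code HttpsURLConnection} created afterwards in the same JVM that does not set its own
 * factory, not only the caller's connections. It removes server authentication and belongs
 * in test fixtures only. Hostname verification is not changed by this method.
 *
 * @throws IllegalStateException if the TLS context cannot be created or initialised
 */
public static void disableCertValidation() {
    // Trust manager whose check methods never throw, i.e. every chain is accepted.
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null (possibly empty) array.
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
            // Intentionally empty: no validation is performed.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
            // Intentionally empty: no validation is performed.
        }
    } };
    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (java.security.GeneralSecurityException e) {
        // Report the failure instead of returning silently: otherwise callers carry on with
        // validation still enabled and fail later with an unrelated-looking TLS error.
        throw new IllegalStateException("Could not install the trust-all SSL socket factory", e);
    }
}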
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager)
