Examples with HeldCertificate okhttp3.tls.HeldCertificate used on opensource projects

Search in sources :

Example 1 with HeldCertificate

use of okhttp3.tls.HeldCertificate in project okhttp by square.

the class CallTest method httpsWithIpAddress.

@Test
public void httpsWithIpAddress() throws Exception {
    String localIpAddress = InetAddress.getLoopbackAddress().getHostAddress();
    // Create a certificate with an IP address in the subject alt name.
    HeldCertificate heldCertificate = new HeldCertificate.Builder().commonName("example.com").subjectAlternativeName(localIpAddress).build();
    SslClient sslClient = new SslClient.Builder().certificateChain(heldCertificate.keyPair, heldCertificate.certificate).addTrustedCertificate(heldCertificate.certificate).build();
    // Use that certificate on the server and trust it on the client.
    server.useHttps(sslClient.socketFactory, false);
    client = client.newBuilder().sslSocketFactory(sslClient.socketFactory, sslClient.trustManager).hostnameVerifier(new RecordingHostnameVerifier()).protocols(Collections.singletonList(Protocol.HTTP_1_1)).build();
    // Make a request.
    server.enqueue(new MockResponse());
    HttpUrl url = server.url("/").newBuilder().host(localIpAddress).build();
    Request request = new Request.Builder().url(url).build();
    executeSynchronously(request).assertCode(200);
    // Confirm that the IP address was used in the host header.
    RecordedRequest recordedRequest = server.takeRequest();
    assertEquals(localIpAddress + ":" + server.getPort(), recordedRequest.getHeader("Host"));
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) MockResponse(okhttp3.mockwebserver.MockResponse) SslClient(okhttp3.internal.tls.SslClient) HeldCertificate(okhttp3.internal.tls.HeldCertificate) RecordedRequest(okhttp3.mockwebserver.RecordedRequest) Test(org.junit.Test)

Example 2 with HeldCertificate

use of okhttp3.tls.HeldCertificate in project okhttp by square.

the class CertificateChainCleanerTest method normalizeSingleSelfSignedCertificate.

@Test
public void normalizeSingleSelfSignedCertificate() throws Exception {
    HeldCertificate root = new HeldCertificate.Builder().serialNumber(1L).build();
    CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root.certificate());
    assertThat(cleaner.clean(list(root), "hostname")).isEqualTo(list(root));
}
Also used : HeldCertificate(okhttp3.tls.HeldCertificate) CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner) Test(org.junit.jupiter.api.Test)

Example 3 with HeldCertificate

use of okhttp3.tls.HeldCertificate in project okhttp by square.

the class CertificateChainCleanerTest method chainGoesAllTheWayToSelfSignedRoot.

@Test
public void chainGoesAllTheWayToSelfSignedRoot() throws Exception {
    HeldCertificate selfSigned = new HeldCertificate.Builder().serialNumber(1L).certificateAuthority(2).build();
    HeldCertificate trusted = new HeldCertificate.Builder().serialNumber(2L).signedBy(selfSigned).certificateAuthority(1).build();
    HeldCertificate certA = new HeldCertificate.Builder().serialNumber(3L).certificateAuthority(0).signedBy(trusted).build();
    HeldCertificate certB = new HeldCertificate.Builder().serialNumber(4L).signedBy(certA).build();
    CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(selfSigned.certificate(), trusted.certificate());
    assertThat(cleaner.clean(list(certB, certA), "hostname")).isEqualTo(list(certB, certA, trusted, selfSigned));
    assertThat(cleaner.clean(list(certB, certA, trusted), "hostname")).isEqualTo(list(certB, certA, trusted, selfSigned));
    assertThat(cleaner.clean(list(certB, certA, trusted, selfSigned), "hostname")).isEqualTo(list(certB, certA, trusted, selfSigned));
}
Also used : HeldCertificate(okhttp3.tls.HeldCertificate) CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner) Test(org.junit.jupiter.api.Test)

Example 4 with HeldCertificate

use of okhttp3.tls.HeldCertificate in project okhttp by square.

the class CertificateChainCleanerTest method chainTooLong.

@Test
public void chainTooLong() {
    List<HeldCertificate> heldCertificates = chainOfLength(11);
    List<Certificate> certificates = new ArrayList<>();
    for (HeldCertificate heldCertificate : heldCertificates) {
        certificates.add(heldCertificate.certificate());
    }
    X509Certificate root = heldCertificates.get(heldCertificates.size() - 1).certificate();
    CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root);
    try {
        cleaner.clean(certificates, "hostname");
        fail();
    } catch (SSLPeerUnverifiedException expected) {
    }
}
Also used : SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) HeldCertificate(okhttp3.tls.HeldCertificate) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) HeldCertificate(okhttp3.tls.HeldCertificate) Test(org.junit.jupiter.api.Test)

Example 5 with HeldCertificate

use of okhttp3.tls.HeldCertificate in project okhttp by square.

the class CertificateChainCleanerTest method orderedChainOfCertificatesWithRoot.

@Test
public void orderedChainOfCertificatesWithRoot() throws Exception {
    HeldCertificate root = new HeldCertificate.Builder().serialNumber(1L).certificateAuthority(1).build();
    HeldCertificate certA = new HeldCertificate.Builder().serialNumber(2L).certificateAuthority(0).signedBy(root).build();
    HeldCertificate certB = new HeldCertificate.Builder().serialNumber(3L).signedBy(certA).build();
    CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root.certificate());
    assertThat(cleaner.clean(list(certB, certA, root), "hostname")).isEqualTo(list(certB, certA, root));
}
Also used : HeldCertificate(okhttp3.tls.HeldCertificate) CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner) Test(org.junit.jupiter.api.Test)

Aggregations

HeldCertificate (okhttp3.tls.HeldCertificate)25 Test (org.junit.jupiter.api.Test)23 HandshakeCertificates (okhttp3.tls.HandshakeCertificates)12 CertificateChainCleaner (okhttp3.internal.tls.CertificateChainCleaner)11 Call (okhttp3.Call)9 OkHttpClient (okhttp3.OkHttpClient)9 RecordingHostnameVerifier (okhttp3.RecordingHostnameVerifier)9 Request (okhttp3.Request)9 MockResponse (mockwebserver3.MockResponse)7 CertificatePinner (okhttp3.CertificatePinner)7 Response (okhttp3.Response)6 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)5 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)4 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)3 BufferedReader (java.io.BufferedReader)2 InputStreamReader (java.io.InputStreamReader)2 Certificate (java.security.cert.Certificate)2 X509Certificate (java.security.cert.X509Certificate)2 ArrayList (java.util.ArrayList)2 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial