use of org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory in project spring-cloud-openfeign by spring-cloud.
the class HttpClient5FeignConfiguration method httpsSSLConnectionSocketFactory.
private LayeredConnectionSocketFactory httpsSSLConnectionSocketFactory(boolean isDisableSslValidation) {
final SSLConnectionSocketFactoryBuilder sslConnectionSocketFactoryBuilder = SSLConnectionSocketFactoryBuilder.create().setTlsVersions(TLS.V_1_3, TLS.V_1_2);
if (isDisableSslValidation) {
try {
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[] { new DisabledValidationTrustManager() }, new SecureRandom());
sslConnectionSocketFactoryBuilder.setSslContext(sslContext);
} catch (NoSuchAlgorithmException e) {
LOG.warn("Error creating SSLContext", e);
} catch (KeyManagementException e) {
LOG.warn("Error creating SSLContext", e);
}
} else {
sslConnectionSocketFactoryBuilder.setSslContext(SSLContexts.createSystemDefault());
}
return sslConnectionSocketFactoryBuilder.build();
}
use of org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory in project sslcontext-kickstart by Hakky54.
the class Apache5SslUtilsShould method createLayeredConnectionSocketFactoryWithIdentityMaterialAndTrustMaterial.
@Test
void createLayeredConnectionSocketFactoryWithIdentityMaterialAndTrustMaterial() {
KeyStore identity = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + IDENTITY_FILE_NAME, IDENTITY_PASSWORD);
KeyStore trustStore = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + TRUSTSTORE_FILE_NAME, TRUSTSTORE_PASSWORD);
SSLFactory sslFactory = SSLFactory.builder().withIdentityMaterial(identity, IDENTITY_PASSWORD).withTrustMaterial(trustStore).build();
assertThat(sslFactory.getSslContext()).isNotNull();
assertThat(sslFactory.getKeyManager()).isPresent();
assertThat(sslFactory.getTrustManager()).isNotNull();
assertThat(sslFactory.getTrustedCertificates()).isNotEmpty();
assertThat(sslFactory.getTrustManager()).isNotNull();
assertThat(sslFactory.getHostnameVerifier()).isNotNull();
LayeredConnectionSocketFactory socketFactory = Apache5SslUtils.toSocketFactory(sslFactory);
assertThat(socketFactory).isNotNull();
}
use of org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory in project sslcontext-kickstart by Hakky54.
the class Apache5SslUtilsShould method createLayeredConnectionSocketFactoryWithTrustMaterial.
@Test
void createLayeredConnectionSocketFactoryWithTrustMaterial() {
KeyStore trustStore = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + TRUSTSTORE_FILE_NAME, TRUSTSTORE_PASSWORD);
SSLFactory sslFactory = SSLFactory.builder().withTrustMaterial(trustStore).build();
assertThat(sslFactory.getSslContext()).isNotNull();
assertThat(sslFactory.getKeyManager()).isNotPresent();
assertThat(sslFactory.getTrustManager()).isNotNull();
assertThat(sslFactory.getTrustedCertificates()).isNotEmpty();
assertThat(sslFactory.getTrustManager()).isNotNull();
assertThat(sslFactory.getHostnameVerifier()).isNotNull();
LayeredConnectionSocketFactory socketFactory = Apache5SslUtils.toSocketFactory(sslFactory);
assertThat(socketFactory).isNotNull();
}
use of org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory in project wiremock by wiremock.
the class HttpClientFactory method createClient.
public static CloseableHttpClient createClient(int maxConnections, int timeoutMilliseconds, ProxySettings proxySettings, KeyStoreSettings trustStoreSettings, boolean trustSelfSignedCertificates, final List<String> trustedHosts, boolean useSystemProperties) {
HttpClientBuilder builder = HttpClientBuilder.create().disableAuthCaching().disableAutomaticRetries().disableCookieManagement().disableRedirectHandling().disableContentCompression().setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create().setMaxConnPerRoute(maxConnections).setMaxConnTotal(maxConnections).setValidateAfterInactivity(// TODO Verify duration
TimeValue.ofSeconds(5)).setConnectionFactory(new ManagedHttpClientConnectionFactory(null, CharCodingConfig.custom().setCharset(UTF_8).build(), null)).build()).setDefaultRequestConfig(RequestConfig.custom().setResponseTimeout(Timeout.ofMilliseconds(timeoutMilliseconds)).build()).setConnectionReuseStrategy((request, response, context) -> false).setKeepAliveStrategy((response, context) -> TimeValue.ZERO_MILLISECONDS);
if (useSystemProperties) {
builder.useSystemProperties();
}
if (proxySettings != NO_PROXY) {
HttpHost proxyHost = new HttpHost(proxySettings.host(), proxySettings.port());
builder.setProxy(proxyHost);
if (!isEmpty(proxySettings.getUsername()) && !isEmpty(proxySettings.getPassword())) {
// TODO Verify
builder.setProxyAuthenticationStrategy(new DefaultAuthenticationStrategy());
BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(new AuthScope(proxySettings.host(), proxySettings.port()), new UsernamePasswordCredentials(proxySettings.getUsername(), proxySettings.getPassword().toCharArray()));
builder.setDefaultCredentialsProvider(credentialsProvider);
}
}
final SSLContext sslContext = buildSslContext(trustStoreSettings, trustSelfSignedCertificates, trustedHosts);
LayeredConnectionSocketFactory sslSocketFactory = buildSslConnectionSocketFactory(sslContext);
PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(sslSocketFactory).build();
builder.setConnectionManager(connectionManager);
return builder.build();
}
use of org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory in project wiremock by wiremock.
the class HttpClientFactory method buildSslConnectionSocketFactory.
private static LayeredConnectionSocketFactory buildSslConnectionSocketFactory(final SSLContext sslContext) {
final String[] supportedProtocols = split(System.getProperty("https.protocols"));
final String[] supportedCipherSuites = split(System.getProperty("https.cipherSuites"));
return new SSLConnectionSocketFactory(new HostVerifyingSSLSocketFactory(sslContext.getSocketFactory()), supportedProtocols, supportedCipherSuites, // using Java's hostname verification
new NoopHostnameVerifier());
}
Aggregations