use of org.apache.http.conn.socket.PlainConnectionSocketFactory in project fabric-sdk-java by hyperledger.
the class HFCAClient method setUpSSL.
private void setUpSSL() throws InvalidArgumentException {
if (cryptoPrimitives == null) {
try {
cryptoPrimitives = new CryptoPrimitives();
cryptoPrimitives.init();
} catch (Exception e) {
throw new InvalidArgumentException(e);
}
}
if (isSSL && null == registry) {
if (properties.containsKey("pemBytes") && properties.containsKey("pemFile")) {
throw new InvalidArgumentException("Properties can not have both \"pemBytes\" and \"pemFile\" specified. ");
}
try {
if (properties.containsKey("pemBytes")) {
byte[] pemBytes = (byte[]) properties.get("pemBytes");
cryptoPrimitives.addCACertificateToTrustStore(pemBytes, pemBytes.toString());
} else {
String pemFile = properties.getProperty("pemFile");
if (pemFile != null) {
cryptoPrimitives.addCACertificateToTrustStore(new File(pemFile), pemFile);
}
}
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(cryptoPrimitives.getTrustStore(), null).build();
ConnectionSocketFactory sf;
if (null != properties && "true".equals(properties.getProperty("allowAllHostNames"))) {
AllHostsSSLSocketFactory msf = new AllHostsSSLSocketFactory(cryptoPrimitives.getTrustStore());
msf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
sf = msf;
} else {
sf = new SSLConnectionSocketFactory(sslContext);
}
registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sf).register("http", new PlainConnectionSocketFactory()).build();
} catch (Exception e) {
logger.error(e);
throw new InvalidArgumentException(e);
}
}
}
use of org.apache.http.conn.socket.PlainConnectionSocketFactory in project ovirt-engine by oVirt.
the class HttpClientBuilder method build.
public CloseableHttpClient build() throws IOException, GeneralSecurityException {
// Prepare the default configuration for all requests:
RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(connectTimeout != null ? connectTimeout : 0).setSocketTimeout(readTimeout != null ? readTimeout : 0).build();
// Configure the trust manager:
TrustManager[] trustManager = null;
if (verifyChain) {
if (trustStore != null) {
try (InputStream is = new FileInputStream(trustStore)) {
KeyStore ks = KeyStore.getInstance(trustStoreType);
ks.load(is, StringUtils.isEmpty(trustStorePassword) ? null : trustStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(trustManagerAlgorithm);
tmf.init(ks);
trustManager = tmf.getTrustManagers();
}
}
} else {
trustManager = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
}
// Create the SSL context:
SSLContext sslContext = SSLContext.getInstance(tlsProtocol);
sslContext.init(null, trustManager, null);
// Create the SSL host name verifier:
HostnameVerifier sslHostnameVerifier = null;
if (!verifyHost) {
sslHostnameVerifier = (hostname, session) -> true;
}
// Create the socket factory for HTTP:
ConnectionSocketFactory httpSocketFactory = new PlainConnectionSocketFactory();
// Create the socket factory for HTTPS:
ConnectionSocketFactory httpsSocketFactory = new SSLConnectionSocketFactory(sslContext, sslHostnameVerifier);
// Create the socket factory registry:
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", httpSocketFactory).register("https", httpsSocketFactory).build();
// Create the connection manager:
HttpClientConnectionManager connectionManager;
if (poolSize != null) {
PoolingHttpClientConnectionManager poolManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
poolManager.setDefaultMaxPerRoute(poolSize);
poolManager.setMaxTotal(poolSize);
poolManager.setValidateAfterInactivity(validateAfterInactivity == null ? 100 : validateAfterInactivity);
connectionManager = poolManager;
} else {
connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
}
// Create the client:
return org.apache.http.impl.client.HttpClientBuilder.create().setDefaultRequestConfig(requestConfig).setSSLHostnameVerifier(sslHostnameVerifier).setConnectionManager(connectionManager).setRetryHandler(new StandardHttpRequestRetryHandler(retryCount == null ? 1 : retryCount, true)).build();
}
use of org.apache.http.conn.socket.PlainConnectionSocketFactory in project oxTrust by GluuFederation.
the class ShibbolethReloadService method create.
@PostConstruct
public void create() {
try {
log.info(">>>>> Initializing ShibbolethReloadService");
SSLContext sslContext = SSLContextBuilder.create().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
SSLConnectionSocketFactory sslConnSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslConnSocketFactory).register("http", new PlainConnectionSocketFactory()).build();
PoolingHttpClientConnectionManager poolingHttpConnMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
poolingHttpConnMgr.setMaxTotal(HTTP_DEFAULT_MAX_TOTAL_CONNECTIONS);
poolingHttpConnMgr.setDefaultMaxPerRoute(HTTP_DEFAULT_MAX_CONN_PER_ROUTE);
this.connectionManager = poolingHttpConnMgr;
log.info(">>>> ShibbolethReloadService Initialization complete");
} catch (Exception e) {
this.connectionManager = null;
log.info("Could not initialize ShibbolethReloadService", e);
}
}
use of org.apache.http.conn.socket.PlainConnectionSocketFactory in project metron by apache.
the class TaxiiHandler method buildClient.
private static HttpClient buildClient(URL proxy, String username, String password) throws Exception {
// Start with a default TAXII HTTP client.
HttpClient client = new HttpClient();
// Create an Apache HttpClientBuilder to be customized by the command line arguments.
HttpClientBuilder builder = HttpClientBuilder.create().useSystemProperties();
// Proxy
if (proxy != null) {
HttpHost proxyHost = new HttpHost(proxy.getHost(), proxy.getPort(), proxy.getProtocol());
builder.setProxy(proxyHost);
}
// Basic authentication. User & Password
if (username != null ^ password != null) {
throw new Exception("'username' and 'password' arguments are required to appear together.");
}
// from: http://stackoverflow.com/questions/19517538/ignoring-ssl-certificate-in-apache-httpclient-4-3
SSLContextBuilder ssbldr = new SSLContextBuilder();
ssbldr.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(ssbldr.build(), SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", new PlainConnectionSocketFactory()).register("https", sslsf).build();
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
// max connection
cm.setMaxTotal(20);
// ""
System.setProperty("jsse.enableSNIExtension", "false");
CloseableHttpClient httpClient = builder.setSSLSocketFactory(sslsf).setConnectionManager(cm).build();
client.setHttpclient(httpClient);
return client;
}
use of org.apache.http.conn.socket.PlainConnectionSocketFactory in project athenz by yahoo.
the class ZTSClient method createConnectionManager.
PoolingHttpClientConnectionManager createConnectionManager(SSLContext sslContext, HostnameVerifier hostnameVerifier) {
if (sslContext == null) {
return null;
}
SSLConnectionSocketFactory sslSocketFactory;
if (hostnameVerifier == null) {
sslSocketFactory = new SSLConnectionSocketFactory(sslContext);
} else {
sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
}
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslSocketFactory).register("http", new PlainConnectionSocketFactory()).build();
PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(registry);
// we'll use the default values from apache http connector - max 20 and per route 2
int maxPerRoute = Integer.parseInt(System.getProperty(ZTS_CLIENT_PROP_POOL_MAX_PER_ROUTE, "2"));
int maxTotal = Integer.parseInt(System.getProperty(ZTS_CLIENT_PROP_POOL_MAX_TOTAL, "20"));
poolingHttpClientConnectionManager.setDefaultMaxPerRoute(maxPerRoute);
poolingHttpClientConnectionManager.setMaxTotal(maxTotal);
return poolingHttpClientConnectionManager;
}
Aggregations