
Example 6 with SSLConnectionSocketFactory

use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project cas by apereo.

the class TrustedProxyAuthenticationTrustStoreSslSocketFactoryTests method prepareHttpClient.

/**
 * Builds the HTTP client used by the tests.
 *
 * The client's SSL socket factory wraps the {@code SSLContext} that
 * {@code DefaultCasSslContext} produces from {@code TRUST_STORE} and
 * {@code TRUST_STORE_PSW}, using the JVM's default key store type.
 */
@Before
public void prepareHttpClient() throws Exception {
    final SimpleHttpClientFactoryBean factoryBean = new SimpleHttpClientFactoryBean();
    final DefaultCasSslContext casSslContext =
        new DefaultCasSslContext(TRUST_STORE, TRUST_STORE_PSW, KeyStore.getDefaultType());
    final SSLConnectionSocketFactory tlsSocketFactory =
        new SSLConnectionSocketFactory(casSslContext.getSslContext());
    factoryBean.setSslSocketFactory(tlsSocketFactory);
    this.client = factoryBean.getObject();
}
Also used : SimpleHttpClientFactoryBean(org.apereo.cas.util.http.SimpleHttpClientFactoryBean) DefaultCasSslContext(org.apereo.cas.authentication.DefaultCasSslContext) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) Before(org.junit.Before)

Example 7 with SSLConnectionSocketFactory

use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project quickutil by quickutil.

the class HttpUtil method initHttpsClientMananger.

/**
 * Builds a pooling connection manager that serves both "http" and "https".
 *
 * @param clientCer PKCS#12 stream with the client certificate and key; {@code null} skips
 *                  client authentication
 * @param clientPW  password of the client key store (also used as the key password)
 * @param serverCer PKCS#12 stream with the server certificates to trust; {@code null} selects
 *                  the fallback trust manager {@code tm}
 * @param serverPW  password of the server key store
 * @return the connection manager, or {@code null} if any step throws (the stack trace is
 *         printed and the exception is not propagated)
 */
public static HttpClientConnectionManager initHttpsClientMananger(InputStream clientCer, String clientPW, InputStream serverCer, String serverPW) {
    try {
        // Client side: key material presented to the server, only when a key store is supplied.
        KeyManager[] clientKeyManagers = null;
        if (clientCer != null) {
            KeyStore clientStore = KeyStore.getInstance("pkcs12");
            clientStore.load(clientCer, clientPW.toCharArray());
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(clientStore, clientPW.toCharArray());
            clientKeyManagers = kmf.getKeyManagers();
        }

        // Server side: which peer certificates are accepted.
        TrustManager[] serverTrustManagers;
        if (serverCer == null) {
            // NOTE(review): `tm` is defined outside this snippet. If it accepts every
            // certificate, calling this method without serverCer turns off server
            // authentication for all "https" connections - confirm, and prefer passing
            // null to SSLContext.init so the JVM default trust store is used instead.
            serverTrustManagers = new TrustManager[] { tm };
        } else {
            KeyStore serverStore = KeyStore.getInstance("pkcs12");
            serverStore.load(serverCer, serverPW.toCharArray());
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(serverStore);
            serverTrustManagers = tmf.getTrustManagers();
        }

        // Assemble the TLS context; a null SecureRandom lets the provider pick its default.
        SSLContext tlsContext = SSLContext.getInstance("TLS");
        tlsContext.init(clientKeyManagers, serverTrustManagers, null);

        RegistryBuilder<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create();
        schemes.register("http", PlainConnectionSocketFactory.INSTANCE);
        schemes.register("https", new SSLConnectionSocketFactory(tlsContext));
        return new PoolingHttpClientConnectionManager(schemes.build());
    } catch (Exception e) {
        // NOTE(review): a bad key store or wrong password is reported only on stderr;
        // callers see null and must check for it.
        e.printStackTrace();
        return null;
    }
}
Also used : SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) CertificateException(java.security.cert.CertificateException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager) PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) KeyManager(javax.net.ssl.KeyManager)

Example 8 with SSLConnectionSocketFactory

use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project dq-easy-cloud by dq-open-cloud.

the class DqHttpRequestTemplateBO method createSSL.

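/**
 * Creates the SSL socket factory used for requests that present a client certificate.
 *
 * @param configStorage
 *            request configuration; supplies the PKCS12 key store (a file path when
 *            {@code isPath()} is true, otherwise the key store content itself) and the
 *            store password
 * @return SSLConnectionSocketFactory layered socket factory for TLS connections, or
 *         {@code null} when no key store is configured or it cannot be loaded
 */
public SSLConnectionSocketFactory createSSL(DqHttpConfigStorageDTO configStorage) {
    if (DqStringUtils.isEmpty(configStorage.getKeystore())) {
        return null;
    }
    // Read the PKCS12 key store either from disk or from the configured string.
    // NOTE(review): getBytes() uses the platform default charset; how binary PKCS12 content
    // is carried in a String is not visible here - confirm the encoding.
    try (InputStream instream = configStorage.isPath() ? new FileInputStream(new File(configStorage.getKeystore())) : new ByteArrayInputStream(configStorage.getKeystore().getBytes())) {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        // The store password doubles as the key password.
        char[] password = configStorage.getStorePassword().toCharArray();
        keyStore.load(instream, password);
        // Only key material is loaded, so server certificates are checked against the
        // JVM default trust store.
        SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, password).build();
        // Pin the protocol to TLS 1.2. The previous value, "TLSv1", forced TLS 1.0 only,
        // which is deprecated (RFC 8996) and disabled by default in current JDKs.
        // Add "TLSv1.3" here when every target runtime supports it.
        return new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1.2" }, null, new DefaultHostnameVerifier());
    } catch (IOException | GeneralSecurityException e) {
        // NOTE(review): the caller cannot tell this failure from "no key store configured";
        // both return null.
        e.printStackTrace();
    }
    return null;
}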
Also used : DefaultHostnameVerifier(org.apache.http.conn.ssl.DefaultHostnameVerifier) GeneralSecurityException(java.security.GeneralSecurityException) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)

Example 9 with SSLConnectionSocketFactory

use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project dq-easy-cloud by dq-open-cloud.

the class DqWxPayService method wxPayRefund.

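/**
 * Sends a WeChat Pay refund request, authenticating with the merchant's PKCS12 client
 * certificate.
 *
 * WeChat amounts are expressed in fen (1/100 yuan) and must be integers.
 * NOTE(review): the total fee is read via {@code getTotalAmountOfCent()} but the refund fee
 * via {@code getRefundAmount()}; confirm both are already in fen.
 *
 * @param refundOrder refund details; the WeChat transaction number is sent when present,
 *                    otherwise the merchant's own order number
 * @return the parsed response map; {@code null} when the response has no body; or a
 *         {@code JSONObject} with {@code status=error} and the exception message on failure
 * @author HONGLINCHEN
 */
@SuppressWarnings("deprecation")
public Object wxPayRefund(DqRefundOrderAbstractDTO refundOrder) {
    try {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        // NOTE(review): hard-coded developer path; the certificate location should come from
        // configuration and the file should be readable only by the service account.
        try (FileInputStream instream = new FileInputStream(new File("E:/tools/wx_pay/cert/apiclient_cert.p12"))) {
            keyStore.load(instream, payConfigStorage.getPid().toCharArray());
        }
        // Only client key material is loaded; server certificates are validated against the
        // JVM default trust store.
        SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, payConfigStorage.getPid().toCharArray()).build();
        // Security fix: this request carries the merchant certificate and a signed refund,
        // so the peer must be authenticated. ALLOW_ALL_HOSTNAME_VERIFIER accepted a valid
        // certificate issued for any host; use the library's default verifier instead.
        // "TLSv1" (TLS 1.0 only) is deprecated and disabled by default in current JDKs.
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1.2" }, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier());
        HttpPost httppost = new HttpPost("https://api.mch.weixin.qq.com/secapi/pay/refund");
        // try-with-resources closes the client even when building the request fails.
        try (CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build()) {
            // Common request parameters.
            Map<String, Object> parameters = getPublicParameters();
            if (DqStringUtils.isNotEmpty(refundOrder.getTradeNo())) {
                parameters.put(DqWxPayKey.TRANSACTION__ID_KEY, refundOrder.getTradeNo());
            } else {
                parameters.put(DqWxPayKey.OUT__TRADE__NO_KEY, refundOrder.getOutTradeNo());
            }
            parameters.put(DqWxPayKey.OUT__REFUND__NO_KEY, refundOrder.getRefundNo());
            parameters.put(DqWxPayKey.TOTAL__FEE_KEY, refundOrder.getTotalAmountOfCent());
            parameters.put(DqWxPayKey.REFUND__FEE_KEY, refundOrder.getRefundAmount());
            parameters.put(DqWxPayKey.OP__USER__ID_KEY, payConfigStorage.getPid());
            // NOTE(review): a millisecond timestamp is predictable; a nonce should come from
            // a cryptographically secure random source.
            parameters.put(DqWxPayKey.NONCE__STR_KEY, String.valueOf(System.currentTimeMillis()));
            // Sign after every parameter is in place.
            setSign(parameters);
            String xml = DqXMLUtils.getXmlStrFromMap(parameters);
            StringEntity se = new StringEntity(xml);
            httppost.setEntity(se);
            System.out.println("executing request" + httppost.getRequestLine());
            try (CloseableHttpResponse responseEntry = httpclient.execute(httppost)) {
                HttpEntity entity = responseEntry.getEntity();
                System.out.println(responseEntry.getStatusLine());
                if (entity != null) {
                    return DqXMLUtils.getMapFromInputStream(entity.getContent());
                }
            }
        }
        return null;
    } catch (Exception e) {
        // NOTE(review): e.getMessage() is handed back to the caller; make sure it is not
        // shown to end users, since it can reveal file paths or TLS details.
        e.printStackTrace();
        JSONObject result = new JSONObject();
        result.put("status", "error");
        result.put("msg", e.getMessage());
        return result;
    }
}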
Also used : CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) HttpPost(org.apache.http.client.methods.HttpPost) HttpEntity(org.apache.http.HttpEntity) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) FileInputStream(java.io.FileInputStream) IOException(java.io.IOException) DqBaseBusinessException(com.dq.easy.cloud.module.exception.bo.DqBaseBusinessException) StringEntity(org.apache.http.entity.StringEntity) JSONObject(com.alibaba.fastjson.JSONObject) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) JSONObject(com.alibaba.fastjson.JSONObject) File(java.io.File)

Example 10 with SSLConnectionSocketFactory

use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project questdb by bluestreak01.

the class HttpTestUtils method createHttpClient_AcceptsUntrustedCerts.

/**
 * Creates a client builder that performs no TLS server authentication: the trust strategy
 * accepts every certificate chain and the hostname verifier accepts every host.
 *
 * Test-only helper. A client built this way cannot detect an impersonated server, so it
 * must not be reused outside tests against local endpoints.
 */
private static HttpClientBuilder createHttpClient_AcceptsUntrustedCerts() throws Exception {
    HttpClientBuilder builder = HttpClientBuilder.create();

    // Trust strategy that answers "trusted" for any chain and auth type.
    SSLContext trustAllContext = new SSLContextBuilder()
            .loadTrustMaterial(null, (chain, authType) -> true)
            .build();
    builder.setSSLContext(trustAllContext);

    // The weakened context needs its own socket factory, paired with a verifier that
    // accepts any hostname, and a registry that maps "https" to it.
    SSLConnectionSocketFactory permissiveTls =
            new SSLConnectionSocketFactory(trustAllContext, (hostname, session) -> true);
    Registry<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory())
            .register("https", permissiveTls)
            .build();

    // A pooling manager built from the registry allows multi-threaded use.
    PoolingHttpClientConnectionManager pool = new PoolingHttpClientConnectionManager(schemes);
    builder.setConnectionManager(pool);
    return builder;
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) SSLContext(javax.net.ssl.SSLContext) RegistryBuilder(org.apache.http.config.RegistryBuilder) MultipartEntityBuilder(org.apache.http.entity.mime.MultipartEntityBuilder) ContentType(org.apache.http.entity.ContentType) Header(org.apache.http.Header) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) Registry(org.apache.http.config.Registry) java.io(java.io) HttpGet(org.apache.http.client.methods.HttpGet) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory) PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager) HttpResponse(org.apache.http.HttpResponse) StringBody(org.apache.http.entity.mime.content.StringBody) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) HttpClients(org.apache.http.impl.client.HttpClients) FileBody(org.apache.http.entity.mime.content.FileBody) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) SSLContext(javax.net.ssl.SSLContext) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager)

Aggregations

SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)179 SSLContext (javax.net.ssl.SSLContext)109 ConnectionSocketFactory (org.apache.http.conn.socket.ConnectionSocketFactory)72 PlainConnectionSocketFactory (org.apache.http.conn.socket.PlainConnectionSocketFactory)61 PoolingHttpClientConnectionManager (org.apache.http.impl.conn.PoolingHttpClientConnectionManager)58 SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)58 IOException (java.io.IOException)49 TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)45 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)44 HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)41 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 KeyManagementException (java.security.KeyManagementException)34 NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)33 HttpClient (org.apache.http.client.HttpClient)28 RequestConfig (org.apache.http.client.config.RequestConfig)28 KeyStoreException (java.security.KeyStoreException)27 KeyStore (java.security.KeyStore)26 HostnameVerifier (javax.net.ssl.HostnameVerifier)26 CertificateException (java.security.cert.CertificateException)24 HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)24