use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project pact-jvm by DiUS.
the class InsecureHttpsRequest method setupInsecureSSL.
/**
 * Builds {@code this.httpclient} with TLS server authentication switched off.
 *
 * <p>SECURITY: the trust strategy below answers {@code true} for every certificate chain and the
 * hostname verifier is a no-op, so the resulting client completes a handshake with any peer that
 * presents any certificate. Connections made through it are encrypted but not authenticated, so
 * an on-path party can read and modify the traffic. Use it only against local or test endpoints.
 *
 * @throws KeyStoreException        propagated from building the {@link SSLContext}
 * @throws NoSuchAlgorithmException propagated from building the {@link SSLContext}
 * @throws KeyManagementException   propagated from building the {@link SSLContext}
 */
private void setupInsecureSSL() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
    // Accept-everything trust decision: the presented chain is never inspected.
    final TrustStrategy acceptAnyChain = (chain, authType) -> true;
    final SSLContext permissiveContext = new SSLContextBuilder()
            .loadTrustMaterial(null, acceptAnyChain)
            .build();

    // Hostname matching is disabled as well. To keep hostname checks while still relaxing trust,
    // use SSLConnectionSocketFactory.getDefaultHostnameVerifier() here instead.
    final HostnameVerifier skipHostnameCheck = new NoopHostnameVerifier();

    // The weakened context only takes effect for "https" through this socket factory,
    // which has to be registered explicitly because a custom connection manager is used.
    final SSLConnectionSocketFactory tlsFactory =
            new SSLConnectionSocketFactory(permissiveContext, skipHostnameCheck);
    final Registry<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory())
            .register("https", tlsFactory)
            .build();

    final HttpClientBuilder clientBuilder = HttpClientBuilder.create();
    clientBuilder.setSSLContext(permissiveContext);
    // Pooling manager so the client can be shared between threads.
    clientBuilder.setConnectionManager(new PoolingHttpClientConnectionManager(schemes));
    this.httpclient = clientBuilder.build();
}
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project opennms by OpenNMS.
the class HttpClientWrapper method configureSSLContext.
/**
 * Installs a connection manager on {@code builder} whose scheme registry is derived from
 * {@code m_sslContext}.
 *
 * <p>Each entry of {@code m_sslContext} (scheme name to {@link SSLContext}) is registered with an
 * {@link SSLConnectionSocketFactory}. Schemes "http" and "https" fall back to the plain and
 * system socket factories when no entry exists for them.
 *
 * <p>SECURITY: every configured scheme is registered with
 * {@code ALLOW_ALL_HOSTNAME_VERIFIER}, so the certificate's subject is never matched against the
 * host being contacted. Whether the chain itself is validated depends on the
 * {@link SSLContext} stored in the map, which is not visible here.
 *
 * @param builder the client builder that receives the connection manager
 */
protected void configureSSLContext(final HttpClientBuilder builder) {
    final RegistryBuilder<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create();

    // Fallbacks for the two standard schemes, used only when nothing was configured for them.
    // NOTE(review): the "https" fallback uses HttpClient's system socket factory, not the
    // allow-all verifier applied to configured entries below — confirm that asymmetry is intended.
    final boolean hasCustomHttp = m_sslContext.containsKey("http");
    final boolean hasCustomHttps = m_sslContext.containsKey("https");
    if (!hasCustomHttp) {
        schemes.register("http", PlainConnectionSocketFactory.INSTANCE);
    }
    if (!hasCustomHttps) {
        schemes.register("https", SSLConnectionSocketFactory.getSystemSocketFactory());
    }

    for (final Map.Entry<String, SSLContext> configured : m_sslContext.entrySet()) {
        // Hostname verification is disabled for every explicitly configured scheme.
        schemes.register(
                configured.getKey(),
                new SSLConnectionSocketFactory(configured.getValue(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER));
    }

    final HttpClientConnectionManager manager = new BasicHttpClientConnectionManager(schemes.build());
    builder.setConnectionManager(manager);
}
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project portal by ixinportal.
the class RestTemplateUtils method acceptsUntrustedCertsHttpClient.
/**
 * Creates a pooled {@link CloseableHttpClient} that accepts any server certificate.
 *
 * <p>SECURITY: the anonymous {@link TrustStrategy} returns {@code true} unconditionally and the
 * hostname verifier is {@code NoopHostnameVerifier.INSTANCE}. The client therefore authenticates
 * no server at all: expired, self-signed and mismatched certificates are all accepted. Because
 * this is a public static factory, every caller inherits that weakening; do not route
 * credentials or sensitive payloads through the returned client.
 *
 * @return a client backed by a pool of at most 200 connections, 100 per route
 * @throws KeyStoreException        propagated from building the {@link SSLContext}
 * @throws NoSuchAlgorithmException propagated from building the {@link SSLContext}
 * @throws KeyManagementException   propagated from building the {@link SSLContext}
 */
public static CloseableHttpClient acceptsUntrustedCertsHttpClient() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
    // Trust decision that never looks at the chain it is handed.
    TrustStrategy trustEverything = new TrustStrategy() {
        @Override
        public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            return true;
        }
    };
    SSLContext permissiveContext = new SSLContextBuilder()
            .loadTrustMaterial(null, trustEverything)
            .build();

    // No hostname matching either. SSLConnectionSocketFactory.getDefaultHostnameVerifier()
    // is the drop-in replacement that keeps hostname checks.
    HostnameVerifier skipHostnameCheck = NoopHostnameVerifier.INSTANCE;

    // A custom connection manager is installed below, so the weakened context has to be
    // wired into the "https" scheme through an explicit socket factory and registry.
    SSLConnectionSocketFactory tlsFactory = new SSLConnectionSocketFactory(permissiveContext, skipHostnameCheck);
    Registry<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory())
            .register("https", tlsFactory)
            .build();

    // Pooling manager: safe for concurrent use, capped at 200 total / 100 per route.
    PoolingHttpClientConnectionManager pool = new PoolingHttpClientConnectionManager(schemes);
    pool.setMaxTotal(200);
    pool.setDefaultMaxPerRoute(100);

    HttpClientBuilder clientBuilder = HttpClientBuilder.create();
    clientBuilder.setSslcontext(permissiveContext);
    clientBuilder.setConnectionManager(pool);
    return clientBuilder.build();
}
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project fabric8 by jboss-fuse.
the class HttpClients method createConnManager.
/**
 * Creates the pooling connection manager for the HTTP client, configured from properties.
 *
 * <p>TLS behaviour is driven by three switches read from {@code resolver}:
 * {@code maven.wagon.http.ssl.insecure}, {@code maven.wagon.http.ssl.allowall} and
 * {@code maven.wagon.http.ssl.ignore.validity.dates}. Optional {@code https.protocols} and
 * {@code https.cipherSuites} lists (comma separated) are passed to the socket factory.
 *
 * <p>SECURITY: the defaults of the first two switches are the negation of
 * {@code pid + "certificateCheck"}, which itself defaults to {@code false}. With nothing
 * configured, the insecure branch is therefore taken and hostname verification is disabled.
 * Deployments that need server authentication must set {@code certificateCheck} to true or set
 * both wagon switches to false explicitly.
 *
 * @param resolver source of configuration properties
 * @param pid      prefix prepended to the per-service property names
 * @return a connection manager with socket and connection defaults applied
 * @throws SSLInitializationException if the relaxed SSL context cannot be built
 */
private static PoolingHttpClientConnectionManager createConnManager(PropertyResolver resolver, String pid) {
    // Both "insecure" and "allowall" default to true unless certificateCheck is enabled.
    boolean sslInsecure = getBoolean(resolver, "maven.wagon.http.ssl.insecure", !getBoolean(resolver, pid + "certificateCheck", false));
    boolean ignoreValidityDates = getBoolean(resolver, "maven.wagon.http.ssl.ignore.validity.dates", false);
    boolean sslAllowAll = getBoolean(resolver, "maven.wagon.http.ssl.allowall", !getBoolean(resolver, pid + "certificateCheck", false));
    boolean persistentPool = getBoolean(resolver, "maven.wagon.http.pool", true);
    int maxConnPerRoute = getInteger(resolver, "maven.wagon.httpconnectionManager.maxPerRoute", 20);
    int maxConnTotal = getInteger(resolver, "maven.wagon.httpconnectionManager.maxTotal", 40);

    // Protocol and cipher lists stay null when the property is unset.
    String protocolList = getProperty(resolver, "https.protocols", null);
    String cipherList = getProperty(resolver, "https.cipherSuites", null);
    String[] sslProtocols = null;
    if (protocolList != null) {
        sslProtocols = protocolList.split(" *, *");
    }
    String[] cipherSuites = null;
    if (cipherList != null) {
        cipherSuites = cipherList.split(" *, *");
    }

    SSLConnectionSocketFactory tlsFactory;
    if (!sslInsecure) {
        // Strict path: JVM default socket factory plus regular hostname verification.
        tlsFactory = new SSLConnectionSocketFactory(HttpsURLConnection.getDefaultSSLSocketFactory(), sslProtocols, cipherSuites, new DefaultHostnameVerifier());
    } else {
        try {
            // NOTE(review): RelaxedTrustStrategy is defined elsewhere; presumably it accepts
            // certificates the default trust manager would reject — confirm its exact rules.
            SSLContext relaxedContext = new SSLContextBuilder()
                    .loadTrustMaterial(null, new RelaxedTrustStrategy(ignoreValidityDates))
                    .build();
            // Hostname verification is dropped only when "allowall" is also set.
            tlsFactory = new SSLConnectionSocketFactory(relaxedContext, sslProtocols, cipherSuites, sslAllowAll ? NoopHostnameVerifier.INSTANCE : new DefaultHostnameVerifier());
        } catch (Exception ex) {
            throw new SSLInitializationException(ex.getMessage(), ex);
        }
    }

    Registry<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.INSTANCE)
            .register("https", tlsFactory)
            .build();
    PoolingHttpClientConnectionManager pool = new PoolingHttpClientConnectionManager(schemes);
    if (!persistentPool) {
        // Pooling disabled: allow a single connection in total.
        pool.setMaxTotal(1);
    } else {
        pool.setDefaultMaxPerRoute(maxConnPerRoute);
        pool.setMaxTotal(maxConnTotal);
    }

    boolean soKeepAlive = getBoolean(resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_KEEPALIVE, false);
    int soLinger = getInteger(resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_LINGER, -1);
    boolean soReuseAddress = getBoolean(resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_REUSEADDRESS, false);
    boolean soTcpNoDelay = getBoolean(resolver, pid + ServiceConstants.PROPERTY_SOCKET_TCP_NODELAY, true);
    // int soTimeout = getInteger( resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_TIMEOUT, 0 );
    SocketConfig socketDefaults = SocketConfig.custom()
            .setSoKeepAlive(soKeepAlive)       // default false
            .setSoLinger(soLinger)             // default -1
            .setSoReuseAddress(soReuseAddress) // default false
            .setTcpNoDelay(soTcpNoDelay)       // default true
            .setSoTimeout(0)                   // default 0, but set in org.apache.http.impl.conn.CPoolProxy.setSocketTimeout()
            .build();
    pool.setDefaultSocketConfig(socketDefaults);

    int bufferSize = getInteger(resolver, pid + ServiceConstants.PROPERTY_CONNECTION_BUFFER_SIZE, 8192);
    ConnectionConfig connectionDefaults = ConnectionConfig.custom()
            .setBufferSize(bufferSize)       // default 8192
            .setFragmentSizeHint(bufferSize) // default 'buffer size'
            .build();
    pool.setDefaultConnectionConfig(connectionDefaults);
    return pool;
}
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project mxisd by kamax-io.
the class InvitationManager method postConstruct.
/**
 * Initialises the manager after construction: reloads stored invites, builds the HTTP client
 * used to reach homeservers, and starts the periodic mapping refresh.
 *
 * <p>SECURITY: the HTTP client trusts self-signed certificates
 * ({@code TrustSelfSignedStrategy}) and performs no hostname verification
 * ({@code NoopHostnameVerifier}). Together these mean a peer presenting any self-signed
 * certificate is accepted for any host name, so the remote server's identity is not verified.
 */
@PostConstruct
private void postConstruct() {
    gson = new Gson();

    log.info("Loading saved invites");
    Collection<ThreePidInviteIO> storedInvites = storage.getInvites();
    for (ThreePidInviteIO io : storedInvites) {
        // NOTE(review): this serialises the whole stored invite at INFO level; since the object
        // exposes getToken() and getAddress(), the log line presumably contains the invite token
        // and the invitee's address — confirm and consider logging an identifier only.
        log.info("Processing invite {}", gson.toJson(io));
        MatrixID sender = new MatrixID(io.getSender());
        ThreePidInvite invite = new ThreePidInvite(sender, io.getMedium(), io.getAddress(), io.getRoomId(), io.getProperties());
        ThreePidInviteReply reply = new ThreePidInviteReply(getId(invite), invite, io.getToken(), "");
        invitations.put(reply.getId(), reply);
    }

    // FIXME export such madness into matrix-java-sdk with a nice wrapper to talk to a homeserver
    try {
        // Self-signed certificates are trusted and host names are not checked.
        SSLContext selfSignedContext = SSLContextBuilder.create()
                .loadTrustMaterial(new TrustSelfSignedStrategy())
                .build();
        HostnameVerifier skipHostnameCheck = new NoopHostnameVerifier();
        client = HttpClients.custom()
                .setSSLSocketFactory(new SSLConnectionSocketFactory(selfSignedContext, skipHostnameCheck))
                .build();
    } catch (Exception e) {
        // FIXME do better...
        throw new RuntimeException(e);
    }

    log.info("Setting up invitation mapping refresh timer");
    refreshTimer = new Timer();
    TimerTask refreshTask = new TimerTask() {
        @Override
        public void run() {
            try {
                lookupMappingsForInvites();
            } catch (Throwable t) {
                // Catch everything so one failed refresh does not cancel the timer.
                log.error("Error when running background mapping refresh", t);
            }
        }
    };
    // First run after 5 seconds, then at the configured interval (given in minutes).
    long periodMillis = TimeUnit.MILLISECONDS.convert(cfg.getResolution().getTimer(), TimeUnit.MINUTES);
    refreshTimer.scheduleAtFixedRate(refreshTask, 5000L, periodMillis);
}