Example 21 with SSLConnectionSocketFactory
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project csb-sdk by aliyun.
the class HttpClientFactory method createConnManager.
/**
* Create a connection pool which supports http and https socket
* @return
* @throws HttpCallerException
*/
public static PoolingHttpClientConnectionManager createConnManager() throws HttpCallerException {
try {
// ignore SSL certificate info with the below two setting:
// 1. trust https server certificate always.
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
@Override
public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
return true;
}
}).build();
// 2. hostname verifier pass
HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslSocketFactory).build();
return new PoolingHttpClientConnectionManager(socketFactoryRegistry);
} catch (Exception e) {
throw new HttpCallerException("Failed to create httpclient: " + e.getMessage(), e);
}
}
Also used :
TrustStrategy(org.apache.http.conn.ssl.TrustStrategy)
SSLContext(javax.net.ssl.SSLContext)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
HttpCallerException(com.alibaba.csb.sdk.HttpCallerException)
NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager)
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
HttpCallerException(com.alibaba.csb.sdk.HttpCallerException)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
Example 22 with SSLConnectionSocketFactory
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project tephra by heisedebaise.
the class HttpImpl method onContextRefreshed.
@Override
public void onContextRefreshed() {
try {
SSLContext sslContext = SSLContext.getInstance("SSLv3");
sslContext.init(null, new TrustManager[] { new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
} }, null);
SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", sslConnectionSocketFactory).build();
manager = new PoolingHttpClientConnectionManager(registry);
manager.setMaxTotal(max);
manager.setDefaultMaxPerRoute(max >> 3);
} catch (Exception e) {
logger.warn(e, "初始化HTTP/S客户端时发生异常!");
}
}
Also used :
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
X509TrustManager(javax.net.ssl.X509TrustManager)
CertificateException(java.security.cert.CertificateException)
SSLContext(javax.net.ssl.SSLContext)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
X509Certificate(java.security.cert.X509Certificate)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager)
Example 23 with SSLConnectionSocketFactory
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project tutorials by eugenp.
the class HttpsClientSslLiveTest method givenHttpClientAfter4_3_whenAcceptingAllCertificates_thenCanConsumeHttpsUriWithSelfSignedCertificate.
@Test
public final void givenHttpClientAfter4_3_whenAcceptingAllCertificates_thenCanConsumeHttpsUriWithSelfSignedCertificate() throws IOException, GeneralSecurityException {
final TrustStrategy acceptingTrustStrategy = (certificate, authType) -> true;
final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
final CloseableHttpClient httpClient = HttpClients.custom().setHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER).setSSLSocketFactory(sslsf).build();
final HttpGet getMethod = new HttpGet(HOST_WITH_SSL);
final HttpResponse response = httpClient.execute(getMethod);
assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
httpClient.close();
}
Also used :
DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient)
SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry)
CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient)
SSLContext(javax.net.ssl.SSLContext)
ClientConnectionManager(org.apache.http.conn.ClientConnectionManager)
TrustStrategy(org.apache.http.conn.ssl.TrustStrategy)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
CoreMatchers.equalTo(org.hamcrest.CoreMatchers.equalTo)
Test(org.junit.Test)
IOException(java.io.IOException)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
Assert.assertThat(org.junit.Assert.assertThat)
Scheme(org.apache.http.conn.scheme.Scheme)
GeneralSecurityException(java.security.GeneralSecurityException)
HttpGet(org.apache.http.client.methods.HttpGet)
SSLContexts(org.apache.http.ssl.SSLContexts)
HttpResponse(org.apache.http.HttpResponse)
SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)
NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier)
HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder)
PoolingClientConnectionManager(org.apache.http.impl.conn.PoolingClientConnectionManager)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
HttpClients(org.apache.http.impl.client.HttpClients)
CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient)
TrustStrategy(org.apache.http.conn.ssl.TrustStrategy)
HttpGet(org.apache.http.client.methods.HttpGet)
HttpResponse(org.apache.http.HttpResponse)
SSLContext(javax.net.ssl.SSLContext)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
Test(org.junit.Test)
Example 24 with SSLConnectionSocketFactory
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project fabric-sdk-java by hyperledger.
the class HFCAClient method setUpSSL.
private void setUpSSL() throws InvalidArgumentException {
if (cryptoPrimitives == null) {
try {
cryptoPrimitives = new CryptoPrimitives();
cryptoPrimitives.init();
} catch (Exception e) {
throw new InvalidArgumentException(e);
}
}
if (isSSL && null == registry) {
if (properties.containsKey("pemBytes") && properties.containsKey("pemFile")) {
throw new InvalidArgumentException("Properties can not have both \"pemBytes\" and \"pemFile\" specified. ");
}
try {
if (properties.containsKey("pemBytes")) {
byte[] pemBytes = (byte[]) properties.get("pemBytes");
cryptoPrimitives.addCACertificateToTrustStore(pemBytes, pemBytes.toString());
} else {
String pemFile = properties.getProperty("pemFile");
if (pemFile != null) {
cryptoPrimitives.addCACertificateToTrustStore(new File(pemFile), pemFile);
}
}
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(cryptoPrimitives.getTrustStore(), null).build();
ConnectionSocketFactory sf;
if (null != properties && "true".equals(properties.getProperty("allowAllHostNames"))) {
AllHostsSSLSocketFactory msf = new AllHostsSSLSocketFactory(cryptoPrimitives.getTrustStore());
msf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
sf = msf;
} else {
sf = new SSLConnectionSocketFactory(sslContext);
}
registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sf).register("http", new PlainConnectionSocketFactory()).build();
} catch (Exception e) {
logger.error(e);
throw new InvalidArgumentException(e);
}
}
}
Also used :
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
SSLContext(javax.net.ssl.SSLContext)
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
File(java.io.File)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)
URISyntaxException(java.net.URISyntaxException)
RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException)
KeyStoreException(java.security.KeyStoreException)
AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException)
GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException)
KeyManagementException(java.security.KeyManagementException)
IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException)
ParseException(org.apache.http.ParseException)
MalformedURLException(java.net.MalformedURLException)
InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException)
CryptoPrimitives(org.hyperledger.fabric.sdk.security.CryptoPrimitives)
Example 25 with SSLConnectionSocketFactory
use of org.apache.http.conn.ssl.SSLConnectionSocketFactory in project cosmic by MissionCriticalCloud.
the class HttpClientHelper method createSocketFactoryConfigration.
private static Registry<ConnectionSocketFactory> createSocketFactoryConfigration() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
final Registry<ConnectionSocketFactory> socketFactoryRegistry;
final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
final SSLConnectionSocketFactory cnnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register(HTTPS, cnnectionSocketFactory).build();
return socketFactoryRegistry;
}
Also used :
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
SSLContext(javax.net.ssl.SSLContext)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
Aggregations
SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)179
SSLContext (javax.net.ssl.SSLContext)109
ConnectionSocketFactory (org.apache.http.conn.socket.ConnectionSocketFactory)72
PlainConnectionSocketFactory (org.apache.http.conn.socket.PlainConnectionSocketFactory)61
PoolingHttpClientConnectionManager (org.apache.http.impl.conn.PoolingHttpClientConnectionManager)58
SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)58
IOException (java.io.IOException)49
TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)45
CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)44
HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)41
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35
KeyManagementException (java.security.KeyManagementException)34
NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)33
HttpClient (org.apache.http.client.HttpClient)28
RequestConfig (org.apache.http.client.config.RequestConfig)28
KeyStoreException (java.security.KeyStoreException)27
KeyStore (java.security.KeyStore)26
HostnameVerifier (javax.net.ssl.HostnameVerifier)26
CertificateException (java.security.cert.CertificateException)24
HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)24
