Search in sources :

Example 46 with TrustSelfSignedStrategy

use of org.apache.http.conn.ssl.TrustSelfSignedStrategy in project oxAuth by GluuFederation.

the class BaseTest method createAcceptSelfSignedSocketFactory.

private static SSLConnectionSocketFactory createAcceptSelfSignedSocketFactory() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
    // Use the TrustSelfSignedStrategy to allow Self Signed Certificates
    SSLContext sslContext = SSLContextBuilder.create().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
    // We can optionally disable hostname verification.
    // If you don't want to further weaken the security, you don't have to include this.
    HostnameVerifier allowAllHosts = new NoopHostnameVerifier();
    // Create an SSL Socket Factory to use the SSLContext with the trust self signed certificate strategy
    // and allow all hosts verifier.
    SSLConnectionSocketFactory connectionFactory = new SSLConnectionSocketFactory(sslContext, allowAllHosts);
    return connectionFactory;
}
Also used : NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) SSLContext(javax.net.ssl.SSLContext) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 47 with TrustSelfSignedStrategy

use of org.apache.http.conn.ssl.TrustSelfSignedStrategy in project drill by apache.

the class WebUtils method createHttpClient.

private static CloseableHttpAsyncClient createHttpClient(DrillConfig drillConfig) throws Exception {
    HttpAsyncClientBuilder clientBuilder = HttpAsyncClients.custom();
    if (drillConfig.getBoolean(ExecConstants.HTTP_ENABLE_SSL)) {
        SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
        SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(sslContext, new String[] { drillConfig.getString(ExecConstants.SSL_PROTOCOL) }, null, SSLIOSessionStrategy.getDefaultHostnameVerifier());
        clientBuilder.setSSLStrategy(sessionStrategy);
    }
    RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(drillConfig.getInt(ExecConstants.HTTP_CLIENT_TIMEOUT)).build();
    clientBuilder.setDefaultRequestConfig(requestConfig);
    return clientBuilder.build();
}
Also used : RequestConfig(org.apache.http.client.config.RequestConfig) SSLIOSessionStrategy(org.apache.http.nio.conn.ssl.SSLIOSessionStrategy) SSLContext(javax.net.ssl.SSLContext) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) HttpAsyncClientBuilder(org.apache.http.impl.nio.client.HttpAsyncClientBuilder)

Example 48 with TrustSelfSignedStrategy

use of org.apache.http.conn.ssl.TrustSelfSignedStrategy in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method serverHeaderIsDisabledByDefaultWhenUsingSsl.

@Test
void serverHeaderIsDisabledByDefaultWhenUsingSsl() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    factory.setSsl(getSsl(null, "password", "src/test/resources/test.jks"));
    this.webServer = factory.getWebServer(new ServletRegistrationBean<>(new ExampleServlet(true, false), "/hello"));
    this.webServer.start();
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
    HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
    ClientHttpResponse response = getClientResponse(getLocalUrl("https", "/hello"), HttpMethod.GET, new HttpComponentsClientHttpRequestFactory(httpClient));
    assertThat(response.getHeaders().get("Server")).isNullOrEmpty();
}
Also used : ServletRegistrationBean(org.springframework.boot.web.servlet.ServletRegistrationBean) HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) ExampleServlet(org.springframework.boot.testsupport.web.servlet.ExampleServlet) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) Test(org.junit.jupiter.api.Test)

Example 49 with TrustSelfSignedStrategy

use of org.apache.http.conn.ssl.TrustSelfSignedStrategy in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method sslWantsClientAuthenticationSucceedsWithClientCertificate.

@Test
void sslWantsClientAuthenticationSucceedsWithClientCertificate() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    factory.setSsl(getSsl(ClientAuth.WANT, "password", "classpath:test.jks", null, new String[] { "TLSv1.2" }, null));
    this.webServer = factory.getWebServer();
    this.webServer.start();
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    loadStore(keyStore, new FileSystemResource("src/test/resources/test.jks"));
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "password".toCharArray()).build());
    HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
}
Also used : HttpClient(org.apache.http.client.HttpClient) FileSystemResource(org.springframework.core.io.FileSystemResource) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) KeyStore(java.security.KeyStore) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) Test(org.junit.jupiter.api.Test)

Example 50 with TrustSelfSignedStrategy

use of org.apache.http.conn.ssl.TrustSelfSignedStrategy in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method pkcs12KeyStoreAndTrustStore.

@Test
void pkcs12KeyStoreAndTrustStore() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    factory.setSsl(getSsl(ClientAuth.NEED, null, "classpath:test.p12", "classpath:test.p12", null, null));
    this.webServer = factory.getWebServer();
    this.webServer.start();
    KeyStore keyStore = KeyStore.getInstance("pkcs12");
    loadStore(keyStore, new FileSystemResource("src/test/resources/test.p12"));
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "secret".toCharArray()).build());
    HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
}
Also used : HttpClient(org.apache.http.client.HttpClient) FileSystemResource(org.springframework.core.io.FileSystemResource) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) KeyStore(java.security.KeyStore) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) Test(org.junit.jupiter.api.Test)

Aggregations

TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)56 SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)41 SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)28 SSLContext (javax.net.ssl.SSLContext)20 IOException (java.io.IOException)15 HttpClient (org.apache.http.client.HttpClient)15 KeyStore (java.security.KeyStore)14 HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)14 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)13 Test (org.junit.jupiter.api.Test)10 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)10 File (java.io.File)9 SSLContextBuilder (org.apache.http.conn.ssl.SSLContextBuilder)9 KeyManagementException (java.security.KeyManagementException)8 KeyStoreException (java.security.KeyStoreException)8 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)8 FileInputStream (java.io.FileInputStream)6 RequestConfig (org.apache.http.client.config.RequestConfig)6 ConnectionSocketFactory (org.apache.http.conn.socket.ConnectionSocketFactory)6 NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)6