Example 1 with X509HostnameVerifier

Use of org.apache.http.conn.ssl.X509HostnameVerifier in project OpenAttestation by OpenAttestation.

Class SslUtil, method getServerCertificates.

public static X509Certificate[] getServerCertificates(URL url) throws NoSuchAlgorithmException, KeyManagementException, IOException {
    if (!"https".equals(url.getProtocol())) {
        throw new IllegalArgumentException("URL scheme must be https");
    }
    int port = url.getPort();
    if (port == -1) {
        port = 443;
    }
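    // Hostname verification is a no-op here, so nothing in this method binds the
    // returned chain to the URL's host; callers must validate it before trusting it.
    X509HostnameVerifier hostnameVerifier = new NopX509HostnameVerifierApache();
    // Trust manager that keeps the chain presented by the server (read back below).
    CertificateStoringX509TrustManager trustManager = new CertificateStoringX509TrustManager();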
    SSLContext sslcontext = SSLContext.getInstance("TLS");
    sslcontext.init(null, new X509TrustManager[] { trustManager }, null);
    SSLSocketFactory sf = new SSLSocketFactory(sslcontext, hostnameVerifier);
    Scheme https = new Scheme("https", port, sf);
    SchemeRegistry sr = new SchemeRegistry();
    sr.register(https);
    BasicClientConnectionManager connectionManager = new BasicClientConnectionManager(sr);
    HttpParams httpParams = new BasicHttpParams();
    httpParams.setParameter(ClientPNames.HANDLE_REDIRECTS, false);
    HttpClient httpClient = new DefaultHttpClient(connectionManager, httpParams);
    try {
        log.debug("Saving certificates from server URL: {}", url.toExternalForm());
        HttpHead request = new HttpHead(url.toExternalForm());
        HttpResponse response = httpClient.execute(request);
        log.debug("Server status line: {} {} ({})", new String[] { response.getProtocolVersion().getProtocol(), response.getStatusLine().getReasonPhrase(), String.valueOf(response.getStatusLine().getStatusCode()) });
    } finally {
        // Release the connection even when the request throws.
        httpClient.getConnectionManager().shutdown();
    }
    return trustManager.getStoredCertificates();
}
Also used : Scheme(org.apache.http.conn.scheme.Scheme) HttpResponse(org.apache.http.HttpResponse) SSLContext(javax.net.ssl.SSLContext) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) HttpHead(org.apache.http.client.methods.HttpHead) BasicHttpParams(org.apache.http.params.BasicHttpParams) HttpParams(org.apache.http.params.HttpParams) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) HttpClient(org.apache.http.client.HttpClient) BasicClientConnectionManager(org.apache.http.impl.conn.BasicClientConnectionManager) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Example 2 with X509HostnameVerifier

Use of org.apache.http.conn.ssl.X509HostnameVerifier in project platformlayer by platformlayer.

Class MetricClientImpl, method buildHttpClient.

private HttpClient buildHttpClient(CertificateAndKey certificateAndKey, List<String> trustKeys) {
    int port = metricBaseUrl.getPort();
    if (port == -1) {
        String scheme = metricBaseUrl.getScheme();
        if (scheme.equals("https")) {
            port = 443;
        } else if (scheme.equals("http")) {
            port = 80;
        } else {
            throw new IllegalArgumentException("Unknown scheme: " + scheme);
        }
    }
    SchemeSocketFactory schemeSocketFactory;
    try {
        KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);
        TrustManager trustManager;
        X509HostnameVerifier hostnameVerifier;
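        if (trustKeys != null) {
            // Trust is delegated to PublicKeyTrustManager built from trustKeys;
            // hostname verification is switched off (ALLOW_ALL) in this branch.
            trustManager = new PublicKeyTrustManager(trustKeys);
            hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
        } else {
            // No trust keys given: no custom trust manager is supplied and the
            // hostname is checked with the browser-compatible verifier.
            trustManager = null;
            hostnameVerifier = SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
        }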
        javax.net.ssl.SSLSocketFactory sslSocketFactory = SslHelpers.buildSslSocketFactory(keyManager, trustManager);
        schemeSocketFactory = new SSLSocketFactory(sslSocketFactory, hostnameVerifier);
    } catch (GeneralSecurityException e) {
        throw new IllegalArgumentException("Error building SSL client", e);
    }
    SchemeRegistry schemeRegistry = new SchemeRegistry();
    schemeRegistry.register(new Scheme("https", port, schemeSocketFactory));
    PoolingClientConnectionManager connectionManager = new PoolingClientConnectionManager(schemeRegistry);
    HttpClient httpClient = new DefaultHttpClient(connectionManager);
    httpClient = new DecompressingHttpClient(httpClient);
    return httpClient;
}
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) PoolingClientConnectionManager(org.apache.http.impl.conn.PoolingClientConnectionManager) Scheme(org.apache.http.conn.scheme.Scheme) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) SchemeSocketFactory(org.apache.http.conn.scheme.SchemeSocketFactory) GeneralSecurityException(java.security.GeneralSecurityException) DecompressingHttpClient(org.apache.http.impl.client.DecompressingHttpClient) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) TrustManager(javax.net.ssl.TrustManager) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) HttpClient(org.apache.http.client.HttpClient) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory) KeyManager(javax.net.ssl.KeyManager)

Example 3 with X509HostnameVerifier

Use of org.apache.http.conn.ssl.X509HostnameVerifier in project platformlayer by platformlayer.

Class ApacheCommonsHttpConfiguration, method buildHttpClient.

HttpClient buildHttpClient(SslConfiguration sslConfiguration) {
    HttpParams httpParams = null;
    if (sslConfiguration == null || sslConfiguration.isEmpty()) {
        sslConfiguration = null;
    }
    ClientConnectionManager connectionManager;
    if (sslConfiguration != null) {
        SchemeSocketFactory schemeSocketFactory;
        try {
            javax.net.ssl.SSLSocketFactory sslSocketFactory = sslConfiguration.getSslSocketFactory();
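            // Use the configured verifier when one is set; otherwise fall back to
            // browser-compatible hostname verification.
            X509HostnameVerifier apacheHostnameVerifier = null;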
            if (sslConfiguration.getHostnameVerifier() != null) {
                apacheHostnameVerifier = new ApacheHostnameVerifierAdapter(sslConfiguration.getHostnameVerifier());
            } else {
                apacheHostnameVerifier = new ApacheHostnameVerifierAdapter(SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
            }
            schemeSocketFactory = new SSLSocketFactory(sslSocketFactory, apacheHostnameVerifier);
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("Error building SSL client", e);
        }
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("https", 443, schemeSocketFactory));
        connectionManager = buildConnectionManager(schemeRegistry);
    } else {
        SchemeRegistry schemeRegistry = SchemeRegistryFactory.createDefault();
        connectionManager = buildConnectionManager(schemeRegistry);
    }
    HttpClient httpClient = buildDefaultHttpClient(connectionManager, httpParams);
    httpClient = wrapHttpClient(httpClient);
    return httpClient;
}
Also used : Scheme(org.apache.http.conn.scheme.Scheme) SchemeSocketFactory(org.apache.http.conn.scheme.SchemeSocketFactory) GeneralSecurityException(java.security.GeneralSecurityException) ClientConnectionManager(org.apache.http.conn.ClientConnectionManager) PoolingClientConnectionManager(org.apache.http.impl.conn.PoolingClientConnectionManager) HttpParams(org.apache.http.params.HttpParams) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) DecompressingHttpClient(org.apache.http.impl.client.DecompressingHttpClient) HttpClient(org.apache.http.client.HttpClient) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Example 4 with X509HostnameVerifier

Use of org.apache.http.conn.ssl.X509HostnameVerifier in project cloudstack by apache.

Class HttpClientWrapper, method wrapClient.

public static HttpClient wrapClient(HttpClient base) {
    try {
        SSLContext ctx = SSLUtils.getSSLContext();
        // Trust manager with empty check methods: any certificate chain is accepted.
        X509TrustManager tm = new X509TrustManager() {

            @Override
            public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract requires a non-null (possibly empty) array.
                return new X509Certificate[0];
            }
        };
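        // Hostname verifier whose methods never throw and always return true:
        // any hostname is accepted.
        X509HostnameVerifier verifier = new X509HostnameVerifier() {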

            @Override
            public void verify(String string, SSLSocket ssls) throws IOException {
            }

            @Override
            public void verify(String string, X509Certificate xc) throws SSLException {
            }

            @Override
            public void verify(String string, String[] strings, String[] strings1) throws SSLException {
            }

            @Override
            public boolean verify(String string, SSLSession ssls) {
                return true;
            }
        };
        ctx.init(null, new TrustManager[] { tm }, null);
        SSLSocketFactory ssf = new SSLSocketFactory(ctx);
        ssf.setHostnameVerifier(verifier);
        ClientConnectionManager ccm = base.getConnectionManager();
        SchemeRegistry sr = ccm.getSchemeRegistry();
        sr.register(new Scheme("https", ssf, 443));
        return new DefaultHttpClient(ccm, base.getParams());
    } catch (Exception ex) {
        ex.printStackTrace();
        return null;
    }
}
Also used : Scheme(org.apache.http.conn.scheme.Scheme) SSLSocket(javax.net.ssl.SSLSocket) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) ClientConnectionManager(org.apache.http.conn.ClientConnectionManager) X509Certificate(java.security.cert.X509Certificate) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) X509TrustManager(javax.net.ssl.X509TrustManager) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Example 5 with X509HostnameVerifier

Use of org.apache.http.conn.ssl.X509HostnameVerifier in project oxAuth by GluuFederation.

Class BaseTest, method createHttpClient.

public static DefaultHttpClient createHttpClient(HostnameVerifierType p_verifierType) {
    if (p_verifierType != null && p_verifierType != HostnameVerifierType.DEFAULT) {
        switch(p_verifierType) {
            case ALLOW_ALL:
                // ALLOW_ALL turns hostname verification off for this client.
                HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
                DefaultHttpClient client = new DefaultHttpClient();
                SchemeRegistry registry = new SchemeRegistry();
                SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
                socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
                registry.register(new Scheme("https", socketFactory, 443));
                SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
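                // Also replaces the JVM-wide default verifier, which affects every
                // HttpsURLConnection in the process, not only this client.
                HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);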
                return new DefaultHttpClient(mgr, client.getParams());
            case DEFAULT:
                return new DefaultHttpClient();
        }
    }
    return new DefaultHttpClient();
}
Also used : Scheme(org.apache.http.conn.scheme.Scheme) SingleClientConnManager(org.apache.http.impl.conn.SingleClientConnManager) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier)

Aggregations

X509HostnameVerifier (org.apache.http.conn.ssl.X509HostnameVerifier): 11
SSLContext (javax.net.ssl.SSLContext): 7
IOException (java.io.IOException): 5
X509Certificate (java.security.cert.X509Certificate): 5
HttpClient (org.apache.http.client.HttpClient): 5
Scheme (org.apache.http.conn.scheme.Scheme): 5
SchemeRegistry (org.apache.http.conn.scheme.SchemeRegistry): 5
SSLSocketFactory (org.apache.http.conn.ssl.SSLSocketFactory): 5
TrustStrategy (org.apache.http.conn.ssl.TrustStrategy): 5
DefaultHttpClient (org.apache.http.impl.client.DefaultHttpClient): 5
CertificateException (java.security.cert.CertificateException): 4
SSLException (javax.net.ssl.SSLException): 4
SSLSession (javax.net.ssl.SSLSession): 4
SSLSocket (javax.net.ssl.SSLSocket): 4
ConnectionSocketFactory (org.apache.http.conn.socket.ConnectionSocketFactory): 4
PlainConnectionSocketFactory (org.apache.http.conn.socket.PlainConnectionSocketFactory): 4
SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory): 4
PoolingHttpClientConnectionManager (org.apache.http.impl.conn.PoolingHttpClientConnectionManager): 4
SSLContextBuilder (org.apache.http.conn.ssl.SSLContextBuilder): 3
ServiceError (com.kixeye.chassis.transport.dto.ServiceError): 2