Search in sources :

Example 11 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method sslWithCustomSslStoreProvider.

@Test
public void sslWithCustomSslStoreProvider() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    Ssl ssl = new Ssl();
    ssl.setClientAuth(ClientAuth.NEED);
    ssl.setKeyPassword("password");
    factory.setSsl(ssl);
    SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
    given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
    given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
    factory.setSslStoreProvider(sslStoreProvider);
    this.webServer = factory.getWebServer();
    this.webServer.start();
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(new FileInputStream(new File("src/test/resources/test.jks")), "secret".toCharArray());
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "password".toCharArray()).build());
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
    verify(sslStoreProvider).getKeyStore();
    verify(sslStoreProvider).getTrustStore();
}
Also used : SslStoreProvider(org.springframework.boot.web.server.SslStoreProvider) HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) Ssl(org.springframework.boot.web.server.Ssl) KeyStore(java.security.KeyStore) File(java.io.File) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) FileInputStream(java.io.FileInputStream) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) Test(org.junit.Test)

Example 12 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method sslKeyAlias.

@Test
public void sslKeyAlias() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    factory.setSsl(getSsl(null, "password", "test-alias", "src/test/resources/test.jks"));
    this.webServer = factory.getWebServer(new ServletRegistrationBean<>(new ExampleServlet(true, false), "/hello"));
    this.webServer.start();
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new SerialNumberValidatingTrustSelfSignedStrategy("77e7c302")).build());
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/hello"), requestFactory)).contains("scheme=https");
}
Also used : ServletRegistrationBean(org.springframework.boot.web.servlet.ServletRegistrationBean) HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) Test(org.junit.Test)

Example 13 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method testBasicSslWithKeyStore.

protected final void testBasicSslWithKeyStore(String keyStore) throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    factory.setSsl(getSsl(null, "password", keyStore));
    this.webServer = factory.getWebServer();
    this.webServer.start();
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
}
Also used : HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)

Example 14 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method pkcs12KeyStoreAndTrustStore.

@Test
public void pkcs12KeyStoreAndTrustStore() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    factory.setSsl(getSsl(ClientAuth.NEED, null, "classpath:test.p12", "classpath:test.p12", null, null));
    this.webServer = factory.getWebServer();
    this.webServer.start();
    KeyStore keyStore = KeyStore.getInstance("pkcs12");
    keyStore.load(new FileInputStream(new File("src/test/resources/test.p12")), "secret".toCharArray());
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "secret".toCharArray()).build());
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
}
Also used : HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) KeyStore(java.security.KeyStore) File(java.io.File) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) FileInputStream(java.io.FileInputStream) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) Test(org.junit.Test)

Example 15 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method sslGetScheme.

@Test
public void sslGetScheme() throws Exception {
    // gh-2232
    AbstractServletWebServerFactory factory = getFactory();
    factory.setSsl(getSsl(null, "password", "src/test/resources/test.jks"));
    this.webServer = factory.getWebServer(new ServletRegistrationBean<>(new ExampleServlet(true, false), "/hello"));
    this.webServer.start();
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/hello"), requestFactory)).contains("scheme=https");
}
Also used : ServletRegistrationBean(org.springframework.boot.web.servlet.ServletRegistrationBean) HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) Test(org.junit.Test)

Aggregations

SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)21 SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)20 HttpClient (org.apache.http.client.HttpClient)15 TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)15 HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)14 Test (org.junit.Test)12 ServletRegistrationBean (org.springframework.boot.web.servlet.ServletRegistrationBean)6 File (java.io.File)5 FileInputStream (java.io.FileInputStream)5 KeyStore (java.security.KeyStore)5 SSLContext (javax.net.ssl.SSLContext)5 IOException (java.io.IOException)4 NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)3 TrustStrategy (org.apache.http.conn.ssl.TrustStrategy)3 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)3 HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)3 URI (java.net.URI)2 URISyntaxException (java.net.URISyntaxException)2 KeyManagementException (java.security.KeyManagementException)2 KeyStoreException (java.security.KeyStoreException)2