Example 16 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method serverHeaderIsDisabledByDefaultWhenUsingSsl.

@Test
public void serverHeaderIsDisabledByDefaultWhenUsingSsl() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    factory.setSsl(getSsl(null, "password", "src/test/resources/test.jks"));
    this.webServer = factory.getWebServer(new ServletRegistrationBean<>(new ExampleServlet(true, false), "/hello"));
    this.webServer.start();
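    // Test client: with a null truststore, TrustSelfSignedStrategy accepts any self-signed server certificate.
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());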
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    ClientHttpResponse response = getClientResponse(getLocalUrl("https", "/hello"), HttpMethod.GET, new HttpComponentsClientHttpRequestFactory(httpClient));
    assertThat(response.getHeaders().get("Server")).isNullOrEmpty();
}
Also used : ServletRegistrationBean(org.springframework.boot.web.servlet.ServletRegistrationBean) HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) Test(org.junit.Test)

Example 17 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method sslWantsClientAuthenticationSucceedsWithoutClientCertificate.

@Test
public void sslWantsClientAuthenticationSucceedsWithoutClientCertificate() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    factory.setSsl(getSsl(ClientAuth.WANT, "password", "classpath:test.jks"));
    this.webServer = factory.getWebServer();
    this.webServer.start();
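    // No key material is loaded, so the client presents no certificate; ClientAuth.WANT lets the handshake proceed anyway.
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());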
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
}
Also used : HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) Test(org.junit.Test)

Example 18 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.

the class AbstractServletWebServerFactoryTests method sslNeedsClientAuthenticationSucceedsWithClientCertificate.

@Test
public void sslNeedsClientAuthenticationSucceedsWithClientCertificate() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    factory.setSsl(getSsl(ClientAuth.NEED, "password", "classpath:test.jks", "classpath:test.jks", null, null));
    this.webServer = factory.getWebServer();
    this.webServer.start();
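    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    // Close the keystore stream once it has been read.
    try (FileInputStream keyStoreStream = new FileInputStream(new File("src/test/resources/test.jks"))) {
        keyStore.load(keyStoreStream, "secret".toCharArray());
    }
    // loadKeyMaterial supplies the client certificate that ClientAuth.NEED requires; the key password is passed separately from the store password.
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "password".toCharArray()).build());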
    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
}
Also used : HttpClient(org.apache.http.client.HttpClient) HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory) KeyStore(java.security.KeyStore) File(java.io.File) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) FileInputStream(java.io.FileInputStream) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) Test(org.junit.Test)

Example 19 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project ats-framework by Axway.

the class HttpClient method setupSSL.

/**
 * Setup SSL. Pass the trusted certificates and client private key and certificate,
 * if applicable.
 *
 * @param httpClientBuilder The client builder
 * @throws HttpException
 */
private void setupSSL(HttpClientBuilder httpClientBuilder) throws HttpException {
    try {
        SSLContextBuilder sslContextBuilder = SSLContexts.custom();
        sslContextBuilder.loadTrustMaterial(convertToKeyStore(trustedServerCertificates), new TrustStrategy() {

            @Override
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                return checkIsTrusted(chain);
            }
        });
        if (clientSSLKeyStore != null) {
            sslContextBuilder.loadKeyMaterial(clientSSLKeyStore, "".toCharArray());
        }
        SSLContext sslContext = sslContextBuilder.build();
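        // Allow all supported protocols and cipher suites. NoopHostnameVerifier disables
        // hostname verification, so server trust rests entirely on checkIsTrusted(chain).
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, supportedProtocols, supportedCipherSuites, new NoopHostnameVerifier());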
        httpClientBuilder.setSSLSocketFactory(sslsf);
    } catch (Exception e) {
        throw new HttpException("Exception occurred when setting up SSL.", e);
    }
}
Also used : TrustStrategy(org.apache.http.conn.ssl.TrustStrategy) NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) CertificateException(java.security.cert.CertificateException) SSLContext(javax.net.ssl.SSLContext) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) X509Certificate(java.security.cert.X509Certificate) URISyntaxException(java.net.URISyntaxException) GeneralSecurityException(java.security.GeneralSecurityException) ClientProtocolException(org.apache.http.client.ClientProtocolException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException)

Example 20 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project geode by apache.

the class RestAPIsWithSSLDUnitTest method getSSLBasedHTTPClient.

private CloseableHttpClient getSSLBasedHTTPClient(Properties properties) throws Exception {
    KeyStore clientKeys = KeyStore.getInstance("JKS");
    File keystoreJKSForPath = findKeyStoreJKS(properties);
    // Close each store's stream once it has been read.
    try (FileInputStream keyStoreStream = new FileInputStream(keystoreJKSForPath)) {
        clientKeys.load(keyStoreStream, "password".toCharArray());
    }
    KeyStore clientTrust = KeyStore.getInstance("JKS");
    File trustStoreJKSForPath = findTrustStoreJKSForPath(properties);
    try (FileInputStream trustStoreStream = new FileInputStream(trustStoreJKSForPath)) {
        clientTrust.load(trustStoreStream, "password".toCharArray());
    }
    // this is needed
    SSLContextBuilder custom = SSLContexts.custom();
    SSLContextBuilder sslContextBuilder = custom.loadTrustMaterial(clientTrust, new TrustSelfSignedStrategy());
    SSLContext sslcontext = sslContextBuilder.loadKeyMaterial(clientKeys, "password".toCharArray(), (aliases, socket) -> {
        if (aliases.size() == 1) {
            return aliases.keySet().stream().findFirst().get();
        }
        if (!StringUtils.isEmpty(properties.getProperty(INVALID_CLIENT_ALIAS))) {
            return properties.getProperty(INVALID_CLIENT_ALIAS);
        } else {
            return properties.getProperty(SSL_WEB_ALIAS);
        }
    }).build();
    // Hostname verification is disabled here, as tests might run on multiple hosts and
    // host entries cannot be assumed. The server certificate is not matched against the host name.
    SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslcontext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    return HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).build();
}
Also used : Arrays(java.util.Arrays) SSLContext(javax.net.ssl.SSLContext) StringUtils(org.apache.commons.lang.StringUtils) Date(java.util.Date) AvailablePort(org.apache.geode.internal.AvailablePort) AttributesFactory(org.apache.geode.cache.AttributesFactory) RegionAttributes(org.apache.geode.cache.RegionAttributes) Cache(org.apache.geode.cache.Cache) JSONObject(org.json.JSONObject) Map(java.util.Map) SSLContexts(org.apache.http.ssl.SSLContexts) CacheServer(org.apache.geode.cache.server.CacheServer) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) Parameterized(org.junit.runners.Parameterized) Collection(java.util.Collection) HttpEntity(org.apache.http.HttpEntity) KeyStore(java.security.KeyStore) ClientRegionShortcut(org.apache.geode.cache.client.ClientRegionShortcut) SecurableCommunicationChannel(org.apache.geode.internal.security.SecurableCommunicationChannel) ManagementException(org.apache.geode.management.ManagementException) Category(org.junit.experimental.categories.Category) GemFireCacheImpl(org.apache.geode.internal.cache.GemFireCacheImpl) HttpGet(org.apache.http.client.methods.HttpGet) ClientCache(org.apache.geode.cache.client.ClientCache) DistributedTest(org.apache.geode.test.junit.categories.DistributedTest) TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy) HttpClients(org.apache.http.impl.client.HttpClients) InternalDistributedSystem(org.apache.geode.distributed.internal.InternalDistributedSystem) IgnoredException(org.apache.geode.test.dunit.IgnoredException) ConfigurationProperties(org.apache.geode.distributed.ConfigurationProperties) InternalCache(org.apache.geode.internal.cache.InternalCache) CacheFactory(org.apache.geode.cache.CacheFactory) RunWith(org.junit.runner.RunWith) HashMap(java.util.HashMap) LocatorTestBase(org.apache.geode.cache.client.internal.LocatorTestBase) BindException(java.net.BindException) Host(org.apache.geode.test.dunit.Host) VM(org.apache.geode.test.dunit.VM) 
CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) Region(org.apache.geode.cache.Region) RegionFactory(org.apache.geode.cache.RegionFactory) CategoryWithParameterizedRunnerFactory(org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactory) DistributedSystem(org.apache.geode.distributed.DistributedSystem) NetworkUtils(org.apache.geode.test.dunit.NetworkUtils) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) Properties(java.util.Properties) AvailablePortHelper(org.apache.geode.internal.AvailablePortHelper) RegionShortcut(org.apache.geode.cache.RegionShortcut) IOException(java.io.IOException) Test(org.junit.Test) FileInputStream(java.io.FileInputStream) InputStreamReader(java.io.InputStreamReader) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder) TestUtil(org.apache.geode.util.test.TestUtil) File(java.io.File) ClientCacheFactory(org.apache.geode.cache.client.ClientCacheFactory) DataPolicy(org.apache.geode.cache.DataPolicy) BufferedReader(java.io.BufferedReader) Assert(org.junit.Assert) InputStream(java.io.InputStream)

Aggregations

SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder): 21
SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory): 20
HttpClient (org.apache.http.client.HttpClient): 15
TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy): 15
HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory): 14
Test (org.junit.Test): 12
ServletRegistrationBean (org.springframework.boot.web.servlet.ServletRegistrationBean): 6
File (java.io.File): 5
FileInputStream (java.io.FileInputStream): 5
KeyStore (java.security.KeyStore): 5
SSLContext (javax.net.ssl.SSLContext): 5
IOException (java.io.IOException): 4
NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier): 3
TrustStrategy (org.apache.http.conn.ssl.TrustStrategy): 3
CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient): 3
HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder): 3
URI (java.net.URI): 2
URISyntaxException (java.net.URISyntaxException): 2
KeyManagementException (java.security.KeyManagementException): 2
KeyStoreException (java.security.KeyStoreException): 2