Example 21 with SSLContextBuilder
use of org.apache.http.ssl.SSLContextBuilder in project dal by ctripcorp.
the class WebUtil method initWeakSSLClient.
private static HttpClient initWeakSSLClient() {
HttpClientBuilder b = HttpClientBuilder.create();
// setup a Trust Strategy that allows all certificates.
//
SSLContext sslContext = null;
try {
sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] arg0, String arg1) {
return true;
}
}).build();
} catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
// do nothing, has been handled outside
}
b.setSslcontext(sslContext);
// don't check Hostnames, either.
// -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want to weaken
X509HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
// here's the special part:
// -- need to create an SSL Socket Factory, to use our weakened "trust strategy";
// -- and create a Registry, to register it.
//
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslSocketFactory).build();
// now, we create connection-manager using our Registry.
// -- allows multi-threaded use
PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
b.setConnectionManager(connMgr);
/**
* Set timeout option
*/
RequestConfig.Builder configBuilder = RequestConfig.custom();
configBuilder.setConnectTimeout(TIMEOUT);
configBuilder.setSocketTimeout(TIMEOUT);
b.setDefaultRequestConfig(configBuilder.build());
// finally, build the HttpClient;
// -- done!
HttpClient sslClient = b.build();
return sslClient;
}
Also used :
RequestConfig(org.apache.http.client.config.RequestConfig)
TrustStrategy(org.apache.http.conn.ssl.TrustStrategy)
HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder)
SSLContext(javax.net.ssl.SSLContext)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
KeyStoreException(java.security.KeyStoreException)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
X509Certificate(java.security.cert.X509Certificate)
KeyManagementException(java.security.KeyManagementException)
PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager)
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier)
HttpClient(org.apache.http.client.HttpClient)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
Aggregations
SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)21
SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)20
HttpClient (org.apache.http.client.HttpClient)15
TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)15
HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)14
Test (org.junit.Test)12
ServletRegistrationBean (org.springframework.boot.web.servlet.ServletRegistrationBean)6
File (java.io.File)5
FileInputStream (java.io.FileInputStream)5
KeyStore (java.security.KeyStore)5
SSLContext (javax.net.ssl.SSLContext)5
IOException (java.io.IOException)4
NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)3
TrustStrategy (org.apache.http.conn.ssl.TrustStrategy)3
CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)3
HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)3
URI (java.net.URI)2
URISyntaxException (java.net.URISyntaxException)2
KeyManagementException (java.security.KeyManagementException)2
KeyStoreException (java.security.KeyStoreException)2
