Search in sources :

Example 21 with SSLContextBuilder

use of org.apache.http.ssl.SSLContextBuilder in project dal by ctripcorp.

the class WebUtil method initWeakSSLClient.

private static HttpClient initWeakSSLClient() {
    HttpClientBuilder b = HttpClientBuilder.create();
    // setup a Trust Strategy that allows all certificates.
    //
    SSLContext sslContext = null;
    try {
        sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

            public boolean isTrusted(X509Certificate[] arg0, String arg1) {
                return true;
            }
        }).build();
    } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
    // do nothing, has been handled outside
    }
    b.setSslcontext(sslContext);
    // don't check Hostnames, either.
    //      -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want to weaken
    X509HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
    // here's the special part:
    //      -- need to create an SSL Socket Factory, to use our weakened "trust strategy";
    //      -- and create a Registry, to register it.
    //
    SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
    Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslSocketFactory).build();
    // now, we create connection-manager using our Registry.
    //      -- allows multi-threaded use
    PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
    b.setConnectionManager(connMgr);
    /**
         * Set timeout option
         */
    RequestConfig.Builder configBuilder = RequestConfig.custom();
    configBuilder.setConnectTimeout(TIMEOUT);
    configBuilder.setSocketTimeout(TIMEOUT);
    b.setDefaultRequestConfig(configBuilder.build());
    // finally, build the HttpClient;
    //      -- done!
    HttpClient sslClient = b.build();
    return sslClient;
}
Also used : RequestConfig(org.apache.http.client.config.RequestConfig) TrustStrategy(org.apache.http.conn.ssl.TrustStrategy) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) X509Certificate(java.security.cert.X509Certificate) KeyManagementException(java.security.KeyManagementException) PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager) PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) HttpClient(org.apache.http.client.HttpClient) SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)

Aggregations

SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)21 SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)20 HttpClient (org.apache.http.client.HttpClient)15 TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)15 HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)14 Test (org.junit.Test)12 ServletRegistrationBean (org.springframework.boot.web.servlet.ServletRegistrationBean)6 File (java.io.File)5 FileInputStream (java.io.FileInputStream)5 KeyStore (java.security.KeyStore)5 SSLContext (javax.net.ssl.SSLContext)5 IOException (java.io.IOException)4 NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)3 TrustStrategy (org.apache.http.conn.ssl.TrustStrategy)3 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)3 HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)3 URI (java.net.URI)2 URISyntaxException (java.net.URISyntaxException)2 KeyManagementException (java.security.KeyManagementException)2 KeyStoreException (java.security.KeyStoreException)2