org.apache.http.conn.ssl.SSLContextBuilder Java Examples

The following examples show how to use org.apache.http.conn.ssl.SSLContextBuilder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: localization_nifi   Author: wangrenlei   File: PostHTTP.java    License: Apache License 2.0 7 votes vote down vote up
private SSLContext createSSLContext(final SSLContextService service)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, UnrecoverableKeyException {
    SSLContextBuilder builder = SSLContexts.custom();
    final String trustFilename = service.getTrustStoreFile();
    if (trustFilename != null) {
        final KeyStore truststore = KeyStoreUtils.getTrustStore(service.getTrustStoreType());
        try (final InputStream in = new FileInputStream(new File(service.getTrustStoreFile()))) {
            truststore.load(in, service.getTrustStorePassword().toCharArray());
        }
        builder = builder.loadTrustMaterial(truststore, new TrustSelfSignedStrategy());
    }

    final String keyFilename = service.getKeyStoreFile();
    if (keyFilename != null) {
        final KeyStore keystore = KeyStoreUtils.getKeyStore(service.getKeyStoreType());
        try (final InputStream in = new FileInputStream(new File(service.getKeyStoreFile()))) {
            keystore.load(in, service.getKeyStorePassword().toCharArray());
        }
        builder = builder.loadKeyMaterial(keystore, service.getKeyStorePassword().toCharArray());
    }

    builder = builder.useProtocol(service.getSslAlgorithm());

    final SSLContext sslContext = builder.build();
    return sslContext;
}
 
Example #2
Source Project: zerocode-hello-world   Author: authorjapps   File: CustomHttpClient.java    License: MIT License 6 votes vote down vote up
/**
 * This method has been overridden here simply to show how a custom/project-specific http client
 * can be plugged into the framework.
 *
 * e.g. You can create your own project specific http client needed for http/https/tls connections or
 * a Corporate proxy based Http client here.
 * Sometimes you may need a simple default http client
 * e.g. HttpClients.createDefault() provided by Apache lib.
 *
 * Note:
 * If you do not override this method, the framework anyways creates a http client suitable for both http/https.
 */
@Override
public CloseableHttpClient createHttpClient() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
    LOGGER.info("###Used SSL Enabled Http Client for http/https/TLS connections");

    SSLContext sslContext = new SSLContextBuilder()
            .loadTrustMaterial(null, (certificate, authType) -> true).build();

    CookieStore cookieStore = new BasicCookieStore();

    return HttpClients.custom()
            .setSSLContext(sslContext)
            .setSSLHostnameVerifier(new NoopHostnameVerifier())
            .setDefaultCookieStore(cookieStore)
            .build();
}
 
Example #3
Source Project: anchore-container-scanner-plugin   Author: jenkinsci   File: BuildWorker.java    License: Apache License 2.0 6 votes vote down vote up
private static CloseableHttpClient makeHttpClient(boolean verify) {
  CloseableHttpClient httpclient = null;
  if (verify) {
    httpclient = HttpClients.createDefault();
  } else {
    //SSLContextBuilder builder;

    //SSLConnectionSocketFactory sslsf=null;

    try {
      SSLContextBuilder builder = new SSLContextBuilder();
      builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
      SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build(),
          SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
      httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
    } catch (Exception e) {
      System.out.println(e);
    }
  }
  return (httpclient);
}
 
Example #4
Source Project: documentum-rest-client-java   Author: Enterprise-Content-Management   File: AbstractRestTemplateClient.java    License: Apache License 2.0 6 votes vote down vote up
public AbstractRestTemplateClient ignoreAuthenticateServer() {
    //backward compatible with android httpclient 4.3.x
    if(restTemplate.getRequestFactory() instanceof HttpComponentsClientHttpRequestFactory) {
        try {
            SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
            X509HostnameVerifier verifier = ignoreSslWarning ? new AllowAllHostnameVerifier() : new BrowserCompatHostnameVerifier();
            SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, verifier);
            HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
            ((HttpComponentsClientHttpRequestFactory)restTemplate.getRequestFactory()).setHttpClient(httpClient);
        } catch (Exception e) {
            e.printStackTrace();
        }
    } else {
        Debug.error("the request factory " + restTemplate.getRequestFactory().getClass().getName() + " does not support ignoreAuthenticateServer");
    }
    return this;
}
 
Example #5
Source Project: intellij-demandware   Author: nek4life   File: DWServerConnection.java    License: MIT License 6 votes vote down vote up
public DWServerConnection(DWSettingsProvider settingsProvider) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
    this.settingsProvider = settingsProvider;

    // SSLContextFactory to allow all hosts. Without this an SSLException is thrown with self signed certs
    SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, (arg0, arg1) -> true).build();
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", socketFactory).build();

    PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
    connectionManager.setMaxTotal(200);
    connectionManager.setDefaultMaxPerRoute(20);

    client = HttpClients.custom()
            .setConnectionManager(connectionManager)
            .build();

    context = new HttpClientContext();
    context.setCredentialsProvider(getCredientials());
}
 
Example #6
Source Project: document-management-software   Author: logicaldoc   File: HttpUtil.java    License: GNU Lesser General Public License v3.0 5 votes vote down vote up
public static CloseableHttpClient getNotValidatingClient(int timeout, String proxyServer, Integer proxyPort,
		String proxyUser, String proxyPassword) {
	try {
		HttpClientBuilder clientBuilder = HttpClients.custom();

		RequestConfig.Builder requestBuilder = RequestConfig.custom().setConnectTimeout(timeout * 1000)
				.setSocketTimeout(timeout * 1000).setConnectionRequestTimeout(timeout * 1000)
				.setRedirectsEnabled(true);

		if (StringUtils.isNotEmpty(proxyServer)) {
			HttpHost proxyHost = new HttpHost(proxyServer, proxyPort);
			requestBuilder.setProxy(proxyHost);

			DefaultProxyRoutePlanner routePlanner = new DefaultProxyRoutePlanner(proxyHost);
			clientBuilder.setRoutePlanner(routePlanner);

			if (StringUtils.isNotEmpty(proxyUser)) {
				CredentialsProvider credentialProvider = new BasicCredentialsProvider();
				credentialProvider.setCredentials(AuthScope.ANY,
						new UsernamePasswordCredentials(proxyUser, proxyPassword));
				clientBuilder.setRoutePlanner(routePlanner);
			}
		}

		RequestConfig requestConfig = requestBuilder.build();

		CloseableHttpClient httpclient = clientBuilder.setHostnameVerifier(new AllowAllHostnameVerifier())
				.setSslcontext(new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
					public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
						return true;
					}
				}).build()).setDefaultRequestConfig(requestConfig).build();
		return httpclient;
	} catch (Throwable t) {
		return null;
	}
}
 
Example #7
Source Project: cf-java-client-sap   Author: SAP   File: RestUtil.java    License: Apache License 2.0 5 votes vote down vote up
private javax.net.ssl.SSLContext buildSslContext() {
    try {
        return new SSLContextBuilder().useSSL()
                                      .loadTrustMaterial(null, new TrustSelfSignedStrategy())
                                      .build();
    } catch (GeneralSecurityException gse) {
        throw new RuntimeException("An error occurred setting up the SSLContext", gse);
    }
}
 
Example #8
Source Project: 07kit   Author: 07kit   File: HttpUtil.java    License: GNU General Public License v3.0 5 votes vote down vote up
public static HttpClient getClient() {
    try {
        SSLContext context = new SSLContextBuilder()
                .loadTrustMaterial(null, (arg0, arg1) -> true)
                .build();

        return HttpClients.custom()
                .setHostnameVerifier(new AllowAllHostnameVerifier())
                .setSslcontext(context)
                .build();
    } catch (Exception e) {
        e.printStackTrace();
        return HttpClients.createDefault();
    }
}
 
Example #9
Source Project: carbon-device-mgt   Author: wso2   File: JWTClientUtil.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Return a http client instance
 *
 * @param protocol- service endpoint protocol http/https
 * @return
 */
public static HttpClient getHttpClient(String protocol)
		throws IOException, KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
	HttpClient httpclient;
	if (HTTPS_PROTOCOL.equals(protocol)) {
		SSLContextBuilder builder = new SSLContextBuilder();
		builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
		SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build());
		httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).useSystemProperties().build();
	} else {
		httpclient = HttpClients.createDefault();
	}
	return httpclient;
}
 
Example #10
Source Project: zeppelin   Author: apache   File: BaseLivyInterpreter.java    License: Apache License 2.0 5 votes vote down vote up
private SSLContext getSslContext() {
  try {
    // Build truststore
    String trustStoreFile = getProperty("zeppelin.livy.ssl.trustStore");
    String trustStorePassword = getProperty("zeppelin.livy.ssl.trustStorePassword");
    String trustStoreType = getProperty("zeppelin.livy.ssl.trustStoreType",
            KeyStore.getDefaultType());
    if (StringUtils.isBlank(trustStoreFile)) {
      throw new RuntimeException("No zeppelin.livy.ssl.trustStore specified for livy ssl");
    }
    if (StringUtils.isBlank(trustStorePassword)) {
      throw new RuntimeException("No zeppelin.livy.ssl.trustStorePassword specified " +
              "for livy ssl");
    }
    KeyStore trustStore = getStore(trustStoreFile, trustStoreType, trustStorePassword);
    SSLContextBuilder builder = SSLContexts.custom();
    builder.loadTrustMaterial(trustStore);

    // Build keystore
    String keyStoreFile = getProperty("zeppelin.livy.ssl.keyStore");
    String keyStorePassword = getProperty("zeppelin.livy.ssl.keyStorePassword");
    String keyPassword = getProperty("zeppelin.livy.ssl.keyPassword", keyStorePassword);
    String keyStoreType = getProperty("zeppelin.livy.ssl.keyStoreType",
            KeyStore.getDefaultType());
    if (StringUtils.isNotBlank(keyStoreFile)) {
      KeyStore keyStore = getStore(keyStoreFile, keyStoreType, keyStorePassword);
      builder.loadKeyMaterial(keyStore, keyPassword.toCharArray()).useTLS();
    }
    return builder.build();
  } catch (Exception e) {
    throw new RuntimeException("Failed to create SSL Context", e);
  }
}
 
Example #11
Source Project: scheduling   Author: ow2-proactive   File: CommonHttpClientBuilder.java    License: GNU Affero General Public License v3.0 5 votes vote down vote up
protected SSLContext createSslContext() {
    try {
        SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
        sslContextBuilder.loadTrustMaterial(null, ACCEPT_ANY_CERTIFICATE_TRUST_STRATEGY);
        return sslContextBuilder.build();
    } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
        throw new IllegalStateException(e);
    }
}
 
Example #12
Source Project: mobilecloud-15   Author: juleswhite   File: UnsafeHttpsClient.java    License: Apache License 2.0 5 votes vote down vote up
public static HttpClient createUnsafeClient() {
	try {
		SSLContextBuilder builder = new SSLContextBuilder();
		builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
		SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
				builder.build());
		CloseableHttpClient httpclient = HttpClients.custom()
				.setSSLSocketFactory(sslsf).build();

		return httpclient;
	} catch (Exception e) {
		throw new RuntimeException(e);
	}
}
 
Example #13
Source Project: mobilecloud-15   Author: juleswhite   File: UnsafeHttpsClient.java    License: Apache License 2.0 5 votes vote down vote up
public static HttpClient createUnsafeClient() {
	try {
		SSLContextBuilder builder = new SSLContextBuilder();
		builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
		SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
				builder.build());
		CloseableHttpClient httpclient = HttpClients.custom()
				.setSSLSocketFactory(sslsf).build();

		return httpclient;
	} catch (Exception e) {
		throw new RuntimeException(e);
	}
}
 
Example #14
Source Project: mobilecloud-15   Author: juleswhite   File: UnsafeHttpsClient.java    License: Apache License 2.0 5 votes vote down vote up
public static HttpClient createUnsafeClient() {
	try {
		SSLContextBuilder builder = new SSLContextBuilder();
		builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
		SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
				builder.build());
		CloseableHttpClient httpclient = HttpClients.custom()
				.setSSLSocketFactory(sslsf).build();

		return httpclient;
	} catch (Exception e) {
		throw new RuntimeException(e);
	}
}
 
Example #15
Source Project: cs-actions   Author: CloudSlang   File: SSLConnectionSocketFactoryBuilder.java    License: Apache License 2.0 5 votes vote down vote up
protected void createKeystore(SSLContextBuilder sslContextBuilder, boolean useClientCert) {
    if (useClientCert) {
        KeyStore clientKeyStore;
        try {
            clientKeyStore = createKeyStore(new URL(keystore), keystorePassword);
            sslContextBuilder.loadKeyMaterial(clientKeyStore, keystorePassword.toCharArray());
        } catch (UnrecoverableKeyException | IOException ue) {
            throw new IllegalArgumentException(ue.getMessage() + ". " + BAD_KEYSTORE_ERROR, ue);
        } catch (GeneralSecurityException gse) {
            throw new IllegalArgumentException(gse.getMessage() + ". " + INVALID_KEYSTORE_ERROR, gse);
        }
    }
}
 
Example #16
Source Project: cs-actions   Author: CloudSlang   File: SSLConnectionSocketFactoryBuilder.java    License: Apache License 2.0 5 votes vote down vote up
protected void createTrustKeystore(SSLContextBuilder sslContextBuilder, boolean useTrustCert) {
    if (useTrustCert) {
        KeyStore trustKeyStore;
        try {
            //todo should we do this 'create' in each and every step?
            trustKeyStore = createKeyStore(new URL(trustKeystore), trustPassword);
            sslContextBuilder.loadTrustMaterial(trustKeyStore);
        } catch (IOException ioe) {
            throw new IllegalArgumentException(ioe.getMessage() + ". " + BAD_TRUST_KEYSTORE_ERROR, ioe);
        } catch (GeneralSecurityException gse) {
            throw new IllegalArgumentException(gse.getMessage() + ". " + INVALID_TRUST_KEYSTORE_ERROR, gse);
        }
    }
}
 
Example #17
Source Project: codehelper.generator   Author: zhengjunbase   File: HttpUtil.java    License: Apache License 2.0 4 votes vote down vote up
public static void init() throws RuntimeException {
        try {
            logger.warn(NOTICELINE + " httpUtil init begin " + NOTICELINE);
            SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
//            sslContextBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
            sslContextBuilder.loadTrustMaterial(null,new TrustAnyTrustManager());
            SSLConnectionSocketFactory sslConnectionSocketFactory =
                    new SSLConnectionSocketFactory(
                            sslContextBuilder.build(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().
                    register("http", new PlainConnectionSocketFactory()).
                    register("https", sslConnectionSocketFactory).
                    build();


            logger.warn(NOTICELINE + " SSL context init done " + NOTICELINE);

            //init connectionManager , ThreadSafe pooled conMgr
            PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(registry);
            poolingHttpClientConnectionManager.setMaxTotal(30);
            poolingHttpClientConnectionManager.setDefaultMaxPerRoute(3);
            //init request config. pooltimeout,sotime,contimeout
            RequestConfig requestConfig = RequestConfig.custom().setConnectionRequestTimeout(POOL_TIMECOUT).setConnectTimeout(CON_TIMEOUT).setSocketTimeout(SO_TIMEOUT).build();
            // begin construct httpclient
            HttpClientBuilder httpClientBuilder = HttpClients.custom();
            httpClientBuilder.setConnectionManager(poolingHttpClientConnectionManager);
            httpClientBuilder.setDefaultRequestConfig(requestConfig);
            httpClientBuilder.setRetryHandler(new HttpRequestRetryHandler() {
                @Override
                public boolean retryRequest(IOException exception, int executionCount, HttpContext context) {
                    if (executionCount >= HTTP_RETRY_COUNT) {
                        return false;
                    }
                    if (exception instanceof InterruptedIOException) {
                        // Timeout
                        logger.warn("httpUtil retry for InterruptIOException");
                        return true;
                    }
                    if (exception instanceof UnknownHostException) {
                        // Unknown host
                        return false;
                    }
                    if (exception instanceof SSLException) {
                        // SSL handshake exception
                        return false;
                    }
                    HttpClientContext clientContext = HttpClientContext.adapt(context);
                    HttpRequest request = clientContext.getRequest();
                    boolean idempotent = !(request instanceof HttpEntityEnclosingRequest);
                    if (idempotent) {
                        // Retry if the request is considered idempotent
                        logger.warn("httpUtil retry for idempotent");
                        return true;
                    }
                    return false;
                }
            });
            logger.warn(NOTICELINE + " poolManager , requestconfig init done " + NOTICELINE);

            httpclient = httpClientBuilder.build();
            logger.warn(NOTICELINE + " httpUtil init done " + NOTICELINE);
        } catch (Exception e) {
            logger.error(NOTICELINE + "httpclient init fail" + NOTICELINE, e);
            throw new RuntimeException(e);
        }
    }
 
Example #18
Source Project: metron   Author: apache   File: TaxiiHandler.java    License: Apache License 2.0 4 votes vote down vote up
private static HttpClient buildClient(URL proxy, String username, String password) throws Exception
{
  HttpClient client = new HttpClient(); // Start with a default TAXII HTTP client.

  // Create an Apache HttpClientBuilder to be customized by the command line arguments.
  HttpClientBuilder builder = HttpClientBuilder.create().useSystemProperties();

  // Proxy
  if (proxy != null) {
    HttpHost proxyHost = new HttpHost(proxy.getHost(), proxy.getPort(), proxy.getProtocol());
    builder.setProxy(proxyHost);
  }

  // Basic authentication. User & Password
  if (username != null ^ password != null) {
    throw new Exception("'username' and 'password' arguments are required to appear together.");
  }


  // from:  http://stackoverflow.com/questions/19517538/ignoring-ssl-certificate-in-apache-httpclient-4-3
  SSLContextBuilder ssbldr = new SSLContextBuilder();
  ssbldr.loadTrustMaterial(null, new TrustSelfSignedStrategy());
  SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(ssbldr.build(),SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);


  Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
      .register("http", new PlainConnectionSocketFactory())
      .register("https", sslsf)
      .build();


  PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
  cm.setMaxTotal(20);//max connection

  System.setProperty("jsse.enableSNIExtension", "false"); //""
  CloseableHttpClient httpClient = builder
      .setSSLSocketFactory(sslsf)
      .setConnectionManager(cm)
      .build();

  client.setHttpclient(httpClient);
  return client;
}