private boolean validateIfTrusted(X509Certificate[] certificates, String authType) { if (trustManager == null) { trustManager = ServerX509TrustManager.init(null); } try { trustManager.checkServerTrusted(certificates, authType); return true; } catch (CertificateException e) { Utils.log(getClass(), CertificateException.class.getSimpleName(), Level.FINE, "%s", Utils.toString(e)); return false; } }
TrustManager[] trustManagers = new TrustManager[]{ServerX509TrustManager.init(null)};
@BeforeClass public static void setUp() throws Throwable { // Force a custom trust store... that shouldn't override the Java default cacerts. URI customStore = ServerX509TrustManagerTest.class .getResource("/certs/trusted_certificates.jks").toURI(); File f = new File(customStore.getPath()); originalTrustStoreProp = System.setProperty(JAVAX_NET_SSL_TRUST_STORE, f.getPath()); originalTrustStorePasswordProp = System.setProperty(JAVAX_NET_SSL_TRUST_STORE_PASSWORD, "changeit"); // Fake host, not really needed for the purpose of the trust manager test. ServiceHost host = new ServiceHost() { }; ServerX509TrustManager.invalidate(); trustManager = ServerX509TrustManager.init(host); }
@Override public ServiceHost start() throws Throwable { ServerX509TrustManager trustManager = ServerX509TrustManager.init(this); ServiceClient serviceClient = createServiceClient(CertificateUtil.createSSLContext( trustManager, null), 0);
@Test public void testCreateInstance() { try { PKSRemoteClientService.getInstance(); Assert.fail("should not reach here"); } catch (Exception e) { assertTrue(e instanceof IllegalStateException); } ServerX509TrustManager trustManager = ServerX509TrustManager.init(host); PKSRemoteClientService client = new PKSRemoteClientService(trustManager, host); assertNotNull(client); try { new PKSRemoteClientService(null, null); Assert.fail("should not reach here"); } catch (Exception e) { assertTrue(e instanceof IllegalStateException); } PKSRemoteClientService client2 = PKSRemoteClientService.getInstance(); assertSame(client, client2); }