builder = builder.setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder .setSSLContext(sslContext).setSSLHostnameVerifier(new NoopHostnameVerifier())
private void setupAsyncClient() { final HttpAsyncClientBuilder clientBuilder = HttpAsyncClients.custom(); if (sslContext != null) { clientBuilder.setSSLContext(sslContext); clientBuilder.addInterceptorFirst(new HttpsResponseInterceptor()); } httpAsyncClient = clientBuilder.setDefaultCredentialsProvider(getCredentialsProvider()).build(); httpAsyncClient.start(); }
.setHttpClientConfigCallback(httpClientBuilder -> { if (sslContext != null) { httpClientBuilder = httpClientBuilder.setSSLContext(sslContext);
builder.setSSLContext(TLSUtil.createTrustingContext()); builder.setSSLHostnameVerifier(new AllowAllHostnameVerifier());
.setSSLContext(sslContext) .setSSLHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
@Override public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) { return httpClientBuilder.setSSLContext(sslContext); } });
/** * Creates an Elasticsearch client from settings provided via the global config. * * @return new client */ public static ElasticsearchClient create(Map<String, Object> globalConfig) { ElasticsearchClientConfig esClientConfig = new ElasticsearchClientConfig( getEsSettings(globalConfig)); HttpHost[] httpHosts = getHttpHosts(globalConfig, esClientConfig.getConnectionScheme()); RestClientBuilder builder = RestClient.builder(httpHosts); builder.setRequestConfigCallback(reqConfigBuilder -> { // Modifies request config builder with connection and socket timeouts. // https://www.elastic.co/guide/en/elasticsearch/client/java-rest/5.6/_timeouts.html reqConfigBuilder.setConnectTimeout(esClientConfig.getConnectTimeoutMillis()); reqConfigBuilder.setSocketTimeout(esClientConfig.getSocketTimeoutMillis()); return reqConfigBuilder; }); builder.setMaxRetryTimeoutMillis(esClientConfig.getMaxRetryTimeoutMillis()); builder.setHttpClientConfigCallback(clientBuilder -> { clientBuilder.setDefaultIOReactorConfig(getIOReactorConfig(esClientConfig)); clientBuilder.setDefaultCredentialsProvider(getCredentialsProvider(esClientConfig)); clientBuilder.setSSLContext(getSSLContext(esClientConfig)); return clientBuilder; }); RestClient lowLevelClient = builder.build(); RestHighLevelClient client = new RestHighLevelClient(lowLevelClient); return new ElasticsearchClient(lowLevelClient, client); }
@Override public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) { httpClientBuilder.useSystemProperties(); if (!sslRejectUnauthorized) { httpClientBuilder.setSSLHostnameVerifier((host,session) -> true); try { httpClientBuilder.setSSLContext(SSLContextBuilder.create().loadTrustMaterial((chain,authType) -> true).build()); } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) { throw new UncheckedIOException(new IOException("Unable to create SSLContext", e)); } } return httpClientBuilder; } });
private static CloseableHttpAsyncClient createNoSSLClient() { final TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true; try { final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build(); return HttpAsyncClients.custom() .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) .setSSLContext(sslContext).build(); } catch (Exception e) { logger.error("Could not create SSLContext",e); return null; } }
httpClientBuilder.setSSLContext(sslcontext);
public static RestHighLevelClient newElasticsearchClient(List<HttpHost> hosts, String username, String password, boolean secureConnection, Supplier<KeyStore> trustStore) throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password)); final SSLContext sslContext = !secureConnection ? null : SSLContexts.custom().loadTrustMaterial(trustStore.get(), null).build(); final RestClientBuilder builder = RestClient.builder(Iterables.toArray(hosts, HttpHost.class)) .setHttpClientConfigCallback(httpClientBuilder -> httpClientBuilder .setSSLContext(sslContext) .setDefaultCredentialsProvider(credentialsProvider)) .setFailureListener(new RestClient.FailureListener() { @Override public void onFailure(HttpHost host) { Metrics.elasticsearchHostOffline().mark(); } }); return new RestHighLevelClient(builder); }
private CloseableHttpAsyncClient createHttpClient() { //default timeouts are all infinite RequestConfig.Builder requestConfigBuilder = RequestConfig.custom() .setConnectTimeout(DEFAULT_CONNECT_TIMEOUT_MILLIS) .setSocketTimeout(DEFAULT_SOCKET_TIMEOUT_MILLIS) .setConnectionRequestTimeout(DEFAULT_CONNECTION_REQUEST_TIMEOUT_MILLIS); if (requestConfigCallback != null) { requestConfigBuilder = requestConfigCallback.customizeRequestConfig(requestConfigBuilder); } try { HttpAsyncClientBuilder httpClientBuilder = HttpAsyncClientBuilder.create().setDefaultRequestConfig(requestConfigBuilder.build()) //default settings for connection pooling may be too constraining .setMaxConnPerRoute(DEFAULT_MAX_CONN_PER_ROUTE).setMaxConnTotal(DEFAULT_MAX_CONN_TOTAL) .setSSLContext(SSLContext.getDefault()); if (httpClientConfigCallback != null) { httpClientBuilder = httpClientConfigCallback.customizeHttpClient(httpClientBuilder); } final HttpAsyncClientBuilder finalBuilder = httpClientBuilder; return AccessController.doPrivileged(new PrivilegedAction<CloseableHttpAsyncClient>() { @Override public CloseableHttpAsyncClient run() { return finalBuilder.build(); } }); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException("could not create the default ssl context", e); } }
private void addClientCallback(ElasticSearchClientConfig config, RestClientBuilder builder) { BasicCredentialsProvider credentialProvider = getCredentialProvider(config); SSLContext sslContext = getSslContext(config); if (sslContext == null && credentialProvider == null) { return; } builder.setHttpClientConfigCallback(httpClientBuilder -> { httpClientBuilder.setSSLContext(sslContext); httpClientBuilder.setDefaultCredentialsProvider(credentialProvider); return httpClientBuilder; }); }
restClientBuilder.setHttpClientConfigCallback( httpClientBuilder -> httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy)); } catch (Exception e) { throw new IOException("Can't load the client certificate from the keystore", e);
private void addSslContext(HttpAsyncClientBuilder builder, String tenantDomain) { try { SSLContext sslContext = SSLContexts.custom() .loadTrustMaterial(AnalyticsFunctionsServiceHolder.getInstance().getTrustStore()) .build(); String hostnameVerifierConfig = CommonUtils.getConnectorConfig(AnalyticsEngineConfigImpl .HOSTNAME_VERIFIER, tenantDomain); X509HostnameVerifier hostnameVerifier; if (AnalyticsEngineConfigImpl.HOSTNAME_VERIFIER_STRICT.equalsIgnoreCase(hostnameVerifierConfig)) { hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER; } else if (AnalyticsEngineConfigImpl.HOSTNAME_VERIFIER_ALLOW_ALL.equalsIgnoreCase(hostnameVerifierConfig)) { hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; } else { hostnameVerifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER; } builder.setSSLContext(sslContext); builder.setHostnameVerifier(hostnameVerifier); } catch (Exception e) { LOG.error("Error while creating ssl context for analytics endpoint invocation in tenant domain: " + tenantDomain, e); } }
builder = builder.setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder .setSSLContext(sslContext).setSSLHostnameVerifier(new NoopHostnameVerifier())
private CloseableHttpAsyncClient createHttpClient() { //default timeouts are all infinite RequestConfig.Builder requestConfigBuilder = RequestConfig.custom() .setConnectTimeout(DEFAULT_CONNECT_TIMEOUT_MILLIS) .setSocketTimeout(DEFAULT_SOCKET_TIMEOUT_MILLIS); if (requestConfigCallback != null) { requestConfigBuilder = requestConfigCallback.customizeRequestConfig(requestConfigBuilder); } try { HttpAsyncClientBuilder httpClientBuilder = HttpAsyncClientBuilder.create().setDefaultRequestConfig(requestConfigBuilder.build()) //default settings for connection pooling may be too constraining .setMaxConnPerRoute(DEFAULT_MAX_CONN_PER_ROUTE).setMaxConnTotal(DEFAULT_MAX_CONN_TOTAL) .setSSLContext(SSLContext.getDefault()) .setTargetAuthenticationStrategy(new PersistentCredentialsAuthenticationStrategy()); if (httpClientConfigCallback != null) { httpClientBuilder = httpClientConfigCallback.customizeHttpClient(httpClientBuilder); } final HttpAsyncClientBuilder finalBuilder = httpClientBuilder; return AccessController.doPrivileged(new PrivilegedAction<CloseableHttpAsyncClient>() { @Override public CloseableHttpAsyncClient run() { return finalBuilder.build(); } }); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException("could not create the default ssl context", e); } }
private CloseableHttpAsyncClient createAsyncClient(RequestConfig clientConfig, PoolingNHttpClientConnectionManager manager) { HttpAsyncClientBuilder asyncBuilder = HttpAsyncClientBuilder.create() .setDefaultRequestConfig(clientConfig) .setDefaultCookieStore(cookieStore) .setSSLContext(sslContext) .setConnectionManager(manager); return addInterceptors(asyncBuilder).build(); }
clientBuilder.setSSLContext(sslContextParameters.createSSLContext()); } catch (GeneralSecurityException e) { throw ObjectHelper.wrapRuntimeCamelException(e);
asyncClientBuilder.setSSLContext(sslContextParameters.createSSLContext(getCamelContext())); } catch (GeneralSecurityException e) { throw ObjectHelper.wrapRuntimeCamelException(e);