/**
 * Supplies the {@link SSLContext} for the calling thread.
 *
 * <p>When {@code SHARED_SESSION_CONTEXT} is set, every caller receives the single
 * {@code defaultContext} instance. Otherwise each thread gets its own context, which is
 * created by {@code createContext()} on first use and cached in a {@link ThreadLocal}.
 *
 * <p>In shared mode the returned value is whatever {@code defaultContext} currently holds.
 * The constructor only logs a {@link GeneralSecurityException} raised while building it,
 * so callers should be prepared for {@code null} if that setup failed.
 *
 * @return the shared context in shared mode, otherwise the calling thread's own context
 * @throws GeneralSecurityException
 *             if {@code createContext()} fails while building a per-thread context
 */
public SSLContext getContext() throws GeneralSecurityException {
    if (!SHARED_SESSION_CONTEXT) {
        SSLContext perThread = this.threadlocal.get();
        if (perThread == null) {
            // First call on this thread: build the context once and cache it.
            if (log.isDebugEnabled()) {
                log.debug("Creating threadLocal SSL context for: {}", Thread.currentThread().getName());
            }
            perThread = createContext();
            this.threadlocal.set(perThread);
        }
        if (log.isDebugEnabled()) {
            log.debug("Using threadLocal SSL context for: {}", Thread.currentThread().getName());
        }
        return perThread;
    }

    // Shared mode: one context (and therefore one TLS session cache) for all threads.
    if (log.isDebugEnabled()) {
        log.debug("Using shared SSL context for: {}", Thread.currentThread().getName());
    }
    return this.defaultContext;
}
/**
 * Installs this manager: records the provider, ensures a {@link SecureRandom} exists,
 * prepares either the shared {@link SSLContext} or the per-thread holder, and then
 * replaces the JVM-wide {@link HttpsURLConnection} defaults.
 *
 * <p>Security-relevant behaviour visible in this constructor:
 * <ul>
 * <li>{@code HttpsURLConnection.setDefaultSSLSocketFactory} and
 * {@code setDefaultHostnameVerifier} are static, so the change applies to every
 * {@code HttpsURLConnection} in the process that does not set its own values, not
 * only to connections made through this manager.</li>
 * <li>The installed hostname verifier returns {@code true} for every host, so a
 * certificate issued for a different name is not rejected at this layer.</li>
 * <li>A {@link GeneralSecurityException} is logged and not rethrown. The constructor
 * still completes, the remaining statements in the {@code try} block are skipped, and
 * in shared mode {@code defaultContext} is left unassigned.</li>
 * </ul>
 *
 * @param provider
 *            the security provider handed to {@code setProvider}; it is also logged at
 *            debug level
 */
public JsseSSLManager(Provider provider) {
    log.debug("ssl Provider = {}", provider);
    setProvider(provider);

    // NOTE(review): whether rand can already be set here depends on field initializers
    // and on setProvider, neither of which is visible in this excerpt.
    if (this.rand == null) {
        this.rand = new SecureRandom();
    }

    try {
        if (!SHARED_SESSION_CONTEXT) {
            // Per-thread mode: contexts are created lazily by getContext().
            this.threadlocal = new ThreadLocal<>();
        } else {
            log.debug("Creating shared context");
            this.defaultContext = createContext();
        }

        // Process-wide defaults: these affect all HttpsURLConnection users in this JVM.
        HttpsURLConnection.setDefaultSSLSocketFactory(new HttpSSLProtocolSocketFactory(CPS));
        // Accept-all verifier: hostname/certificate mismatches are not detected here.
        // NOTE(review): confirm that disabling hostname verification is intended for
        // this deployment; it must not be relied on where server identity matters.
        HttpsURLConnection.setDefaultHostnameVerifier((host, sslSession) -> true);
        log.debug("SSL stuff all set");
    } catch (GeneralSecurityException ex) {
        // Failure is only logged; the manager is left partially initialised.
        log.error("Could not set up SSLContext", ex);
    }

    log.debug("JsseSSLManager installed");
}