/** * Returns an instance of this socket factory configured with a hostname verifying trust manager. If the supplied ssl * config does not contain trust managers, {@link HostnameVerifyingTrustManager} with {@link DefaultHostnameVerifier} * is set. See {@link #addHostnameVerifyingTrustManager(SslConfig, String[])}. * * @param config to set on the socket factory * @param names to use for hostname verification * * @return socket factory */ public static SSLSocketFactory getHostnameVerifierFactory(final SslConfig config, final String[] names) { final ThreadLocalTLSSocketFactory sf = new ThreadLocalTLSSocketFactory(); if (config != null && !config.isEmpty()) { sf.setSslConfig(SslConfig.newSslConfig(config)); } else { sf.setSslConfig(new SslConfig()); } addHostnameVerifyingTrustManager(sf.getSslConfig(), names); try { sf.initialize(); } catch (GeneralSecurityException e) { throw new IllegalArgumentException(e); } return sf; }
/** * Returns an instance of this socket factory configured with a hostname verifying trust manager. If the supplied ssl * config does not contain trust managers, {@link HostnameVerifyingTrustManager} with {@link DefaultHostnameVerifier} * is set. See {@link #addHostnameVerifyingTrustManager(SslConfig, String[])}. * * @param config to set on the socket factory * @param names to use for hostname verification * * @return socket factory */ @SuppressWarnings("RedundantArrayCreation") public static SSLSocketFactory getHostnameVerifierFactory(final SslConfig config, final String[] names) { final TLSSocketFactory sf = new TLSSocketFactory(); if (config != null && !config.isEmpty()) { sf.setSslConfig(SslConfig.newSslConfig(config)); } else { sf.setSslConfig(new SslConfig()); } addHostnameVerifyingTrustManager(sf.getSslConfig(), names); try { sf.initialize(); } catch (GeneralSecurityException e) { throw new IllegalArgumentException(e); } return sf; }
private void configureSSL(final Ldap ldap, final ConnectionConfig userConnectionConfig) { if (ldap.getX509() != null) { final X509CredentialConfig x509CredentialConfig = new X509CredentialConfig(); x509CredentialConfig.setTrustCertificates(ldap.getX509()); // file:/path/to/trust.pem final SslConfig config = new SslConfig(x509CredentialConfig); userConnectionConfig.setSslConfig(config); userConnectionConfig.setUseSSL(ldap.isSsl()); } else { userConnectionConfig.setUseSSL(ldap.isSsl()); } }
/** * Config test data. * * @return test data */ @DataProvider(name = "configs") public Object[][] createConfigs() { return new Object[][] { new Object[] {new ConnectionConfig(), }, new Object[] {new PoolConfig(), }, new Object[] {new ProviderConfig(), }, new Object[] {new SaslConfig(), }, new Object[] {new SslConfig(), }, new Object[] {new SocketConfig(), }, }; }
/** * Returns a ssl config initialized with the supplied config. * * @param config ssl config to read properties from * * @return ssl config */ public static SslConfig newSslConfig(final SslConfig config) { final SslConfig sc = new SslConfig(); sc.setCredentialConfig(config.getCredentialConfig()); sc.setTrustManagers(config.getTrustManagers()); sc.setEnabledCipherSuites(config.getEnabledCipherSuites()); sc.setEnabledProtocols(config.getEnabledProtocols()); sc.setHandshakeCompletedListeners(config.getHandshakeCompletedListeners()); return sc; }
sf.setSslConfig(SslConfig.newSslConfig(config)); } else { sf.setSslConfig(new SslConfig());
final X509CredentialConfig cfg = new X509CredentialConfig(); cfg.setTrustCertificates(l.getTrustCertificates()); cc.setSslConfig(new SslConfig(cfg)); } else if (l.getKeystore() != null) { final KeyStoreCredentialConfig cfg = new KeyStoreCredentialConfig(); cfg.setKeyStorePassword(l.getKeystorePassword()); cfg.setKeyStoreType(l.getKeystoreType()); cc.setSslConfig(new SslConfig(cfg)); } else { cc.setSslConfig(new SslConfig());
sf.setSslConfig(SslConfig.newSslConfig(config)); } else { sf.setSslConfig(new SslConfig());
sf.setSslConfig(SslConfig.newSslConfig(config)); } else { sf.setSslConfig(new SslConfig());
/** * Returns a ssl config initialized with the supplied config. * * @param config ssl config to read properties from * * @return ssl config */ public static SslConfig newSslConfig(final SslConfig config) { final SslConfig sc = new SslConfig(); sc.setCredentialConfig(config.getCredentialConfig()); sc.setTrustManagers(config.getTrustManagers()); sc.setHostnameVerifier(config.getHostnameVerifier()); sc.setHostnameVerifierConfig(config.getHostnameVerifierConfig()); sc.setEnabledCipherSuites(config.getEnabledCipherSuites()); sc.setEnabledProtocols(config.getEnabledProtocols()); sc.setHandshakeCompletedListeners(config.getHandshakeCompletedListeners()); return sc; }
/** * Returns a ssl config initialized with the supplied config. * * @param config ssl config to read properties from * * @return ssl config */ public static SslConfig newSslConfig(final SslConfig config) { final SslConfig sc = new SslConfig(); sc.setCredentialConfig(config.getCredentialConfig()); sc.setTrustManagers(config.getTrustManagers()); sc.setHostnameVerifier(config.getHostnameVerifier()); sc.setHostnameVerifierConfig(config.getHostnameVerifierConfig()); sc.setEnabledCipherSuites(config.getEnabledCipherSuites()); sc.setEnabledProtocols(config.getEnabledProtocols()); sc.setHandshakeCompletedListeners(config.getHandshakeCompletedListeners()); return sc; }
sf.setSslConfig(SslConfig.newSslConfig(config)); } else { sf.setSslConfig(new SslConfig());
sc = new SslConfig();
sc = new SslConfig();
sc = new SslConfig();