@Override public SSLContextInitializer createSSLContextInitializer() throws GeneralSecurityException { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { final X509CertificatesCredentialReader certsReader = new X509CertificatesCredentialReader(); final InputStream trustCertStream = new ByteArrayInputStream(LdapUtils.utf8Encode(trustCertificates)); sslInit.setTrustCertificates(certsReader.read(trustCertStream)); trustCertStream.close(); } } catch (IOException e) { throw new GeneralSecurityException(e); } return sslInit; } };
/** * Creates a X509CredentialConfig from PEM encoded certificate(s). * * @param trustCertificates to create credential config from * * @return credential config */ public static CredentialConfig createX509CredentialConfig(final String trustCertificates) { return () -> { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { final X509CertificatesCredentialReader certsReader = new X509CertificatesCredentialReader(); final InputStream trustCertStream = new ByteArrayInputStream(LdapUtils.utf8Encode(trustCertificates)); sslInit.setTrustCertificates(certsReader.read(trustCertStream)); trustCertStream.close(); } } catch (IOException e) { throw new GeneralSecurityException(e); } return sslInit; }; } }
/** * Creates a X509CredentialConfig from PEM encoded certificate(s). * * @param trustCertificates to create credential config from * * @return credential config */ public static CredentialConfig createX509CredentialConfig(final String trustCertificates) { return () -> { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { final X509CertificatesCredentialReader certsReader = new X509CertificatesCredentialReader(); final InputStream trustCertStream = new ByteArrayInputStream(LdapUtils.utf8Encode(trustCertificates)); sslInit.setTrustCertificates(certsReader.read(trustCertStream)); trustCertStream.close(); } } catch (IOException e) { throw new GeneralSecurityException(e); } return sslInit; }; } }
@Override public SSLContextInitializer createSSLContextInitializer() throws GeneralSecurityException { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); if (trustCertificates != null) { sslInit.setTrustCertificates(trustCertificates); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate(authenticationCertificate); } if (authenticationKey != null) { sslInit.setAuthenticationKey(authenticationKey); } return sslInit; } };
/** * Creates a X509CredentialConfig from the supplied trust certificates, authentication certificate and private key. * * @param trustCertificates to create credential config from * @param authenticationCertificate to create credential config from * @param authenticationKey that belongs to the certificate * * @return credential config */ public static CredentialConfig createX509CredentialConfig( final X509Certificate[] trustCertificates, final X509Certificate authenticationCertificate, final PrivateKey authenticationKey) { return () -> { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); if (trustCertificates != null) { sslInit.setTrustCertificates(trustCertificates); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate(authenticationCertificate); } if (authenticationKey != null) { sslInit.setAuthenticationKey(authenticationKey); } return sslInit; }; }
/** * Creates a X509CredentialConfig from the supplied trust certificates, authentication certificate and private key. * * @param trustCertificates to create credential config from * @param authenticationCertificate to create credential config from * @param authenticationKey that belongs to the certificate * * @return credential config */ public static CredentialConfig createX509CredentialConfig( final X509Certificate[] trustCertificates, final X509Certificate authenticationCertificate, final PrivateKey authenticationKey) { return () -> { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); if (trustCertificates != null) { sslInit.setTrustCertificates(trustCertificates); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate(authenticationCertificate); } if (authenticationKey != null) { sslInit.setAuthenticationKey(authenticationKey); } return sslInit; }; }
@Override public SSLContextInitializer createSSLContextInitializer() throws GeneralSecurityException { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { sslInit.setTrustCertificates(certsReader.read(trustCertificates)); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate(certReader.read(authenticationCertificate)); } if (authenticationKey != null) { sslInit.setAuthenticationKey(keyReader.read(authenticationKey)); } } catch (IOException e) { throw new GeneralSecurityException(e); } return sslInit; }
@Override public SSLContextInitializer createSSLContextInitializer() throws GeneralSecurityException { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { sslInit.setTrustCertificates(certsReader.read(trustCertificates)); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate(certReader.read(authenticationCertificate)); } if (authenticationKey != null) { sslInit.setAuthenticationKey(keyReader.read(authenticationKey)); } } catch (IOException e) { throw new GeneralSecurityException(e); } return sslInit; }
@Override public SSLContextInitializer createSSLContextInitializer() throws GeneralSecurityException { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { sslInit.setTrustCertificates(certsReader.read(trustCertificates)); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate(certReader.read(authenticationCertificate)); } if (authenticationKey != null) { sslInit.setAuthenticationKey(keyReader.read(authenticationKey)); } } catch (IOException e) { throw new GeneralSecurityException(e); } return sslInit; }
/** {@inheritDoc} */ @Override public SSLContextInitializer createSSLContextInitializer() throws GeneralSecurityException { final X509SSLContextInitializer sslInit = new X509SSLContextInitializer(); try { if (trustCertificates != null) { sslInit.setTrustCertificates(X509Support.decodeCertificates(trustCertificates.getFile()).toArray( new X509Certificate[0])); } if (authenticationCertificate != null) { sslInit.setAuthenticationCertificate( X509Support.decodeCertificate(authenticationCertificate.getFile())); } if (authenticationKey != null) { sslInit.setAuthenticationKey(KeySupport.decodePrivateKey(authenticationKey.getFile(), authenticationKeyPassword != null ? authenticationKeyPassword.toCharArray() : null)); } } catch (final IOException e) { throw new GeneralSecurityException(e); } return sslInit; } }
final X509SSLContextInitializer x509 = new X509SSLContextInitializer(); x509.setTrustCertificates(testCert); final X509SSLContextInitializer x509WithTM = new X509SSLContextInitializer(); x509WithTM.setTrustCertificates(testCert); x509WithTM.setTrustManagers(new AllowAnyTrustManager()); final X509SSLContextInitializer x509WithHV = new X509SSLContextInitializer(); x509WithHV.setTrustCertificates(testCert); x509WithHV.setHostnameVerifierConfig(new HostnameVerifierConfig(new DefaultHostnameVerifier(), "test")); final X509SSLContextInitializer x509WithTMHV = new X509SSLContextInitializer(); x509WithTMHV.setTrustCertificates(testCert); x509WithTMHV.setTrustManagers(new AllowAnyTrustManager()); x509WithTMHV.setHostnameVerifierConfig(new HostnameVerifierConfig(new DefaultHostnameVerifier(), "test")); final X509SSLContextInitializer x509NoTrustWithTM = new X509SSLContextInitializer(); x509NoTrustWithTM.setTrustManagers(new AllowAnyTrustManager()); final X509SSLContextInitializer x509NoTrustWithHV = new X509SSLContextInitializer(); x509NoTrustWithHV.setHostnameVerifierConfig(new HostnameVerifierConfig(new DefaultHostnameVerifier(), "test")); final X509SSLContextInitializer x509NoTrustWithTMHV = new X509SSLContextInitializer(); x509NoTrustWithTMHV.setTrustManagers(new AllowAnyTrustManager()); x509NoTrustWithTMHV.setHostnameVerifierConfig(new HostnameVerifierConfig(new DefaultHostnameVerifier(), "test"));