/**
 * Builds the transport factory from the given properties and installs the resulting TLS
 * settings as the process-wide defaults of {@code HttpsURLConnection}.
 *
 * <p>The trust manager and hostname verifier are optional properties. When either one is
 * missing, the constructor silently falls back to the {@code openTrustManager} /
 * {@code openHostnameVerifier} fields.
 *
 * <p>NOTE(review): those two fields are declared outside this excerpt; their names suggest
 * implementations that accept any certificate / any host name - confirm. If so, a caller that
 * forgets one property gets an unauthenticated TLS channel without any error. Because the
 * socket factory and verifier are set through the static {@code setDefault...} methods, the
 * choice also applies to every other {@code HttpsURLConnection} in the JVM that does not
 * configure its own factory or verifier.
 *
 * @param properties transport settings; read for the URL, the auth string and the optional
 *     trust manager and hostname verifier
 * @throws GeneralSecurityException if the SSL context cannot be obtained or initialised
 */
public SunSSLTransportFactory(Properties properties) throws GeneralSecurityException {
    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

    url = (URL) properties.get(XmlRpcTransportFactory.TRANSPORT_URL);
    auth = properties.getProperty(XmlRpcTransportFactory.TRANSPORT_AUTH);

    // Caller-supplied trust manager wins; otherwise the "open" fallback is used.
    X509TrustManager suppliedTrustManager =
        (X509TrustManager) properties.get(TRANSPORT_TRUSTMANAGER);
    X509TrustManager effectiveTrustManager =
        suppliedTrustManager != null ? suppliedTrustManager : openTrustManager;

    // Same rule for the hostname verifier.
    HostnameVerifier suppliedVerifier =
        (HostnameVerifier) properties.get(TRANSPORT_HOSTNAMEVERIFIER);
    HostnameVerifier effectiveVerifier =
        suppliedVerifier != null ? suppliedVerifier : openHostnameVerifier;

    SSLContext context = SSLContext.getInstance(SecurityTool.getSecurityProtocol());
    context.init(null, new X509TrustManager[] {effectiveTrustManager}, new SecureRandom());

    // Install the socket factory and verifier as defaults for javax.net.ssl.HttpsURLConnection.
    // No null test on the context: init() above has already dereferenced it.
    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
    HttpsURLConnection.setDefaultHostnameVerifier(effectiveVerifier);
  }
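  /**
   * Checks how an unconnected {@code HttpsURLConnection} reacts to session queries and to
   * {@code null} hostname verifiers and socket factories.
   *
   * <p>Each call is expected to be rejected: the session getters with
   * {@link IllegalStateException}, the setters with {@link IllegalArgumentException}. Only those
   * exception types are caught; any other exception propagates out of {@code main}.
   *
   * <p>NOTE(review): no try block fails the run when its call returns normally, so
   * "TESTS PASSED" is printed even if an expected exception is never thrown. That leniency is
   * kept as the author wrote it.
   *
   * @param args unused
   * @throws Exception if the URL cannot be parsed or opened, or an unexpected exception occurs
   */
  public static void main(String[] args) throws Exception {

    System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");

    // This test does not establish any connection to the specified URL, hence a dummy URL is
    // used.
    URL foobar = new URL("https://example.com/");

    HttpsURLConnection urlc = (HttpsURLConnection) foobar.openConnection();

    // Session details must not be readable before the connection is made.
    try {
      urlc.getCipherSuite();
    } catch (IllegalStateException e) {
      System.out.print("Caught proper exception: ");
      System.out.println(e.getMessage());
    }

    try {
      urlc.getServerCertificateChain();
    } catch (IllegalStateException e) {
      System.out.print("Caught proper exception: ");
      System.out.println(e.getMessage());
    }

    // The setDefault* methods are static and change JVM-wide state, so they are called through
    // the class rather than through the instance.
    try {
      HttpsURLConnection.setDefaultHostnameVerifier(null);
    } catch (IllegalArgumentException e) {
      System.out.print("Caught proper exception: ");
      System.out.println(e.getMessage());
    }

    try {
      urlc.setHostnameVerifier(null);
    } catch (IllegalArgumentException e) {
      System.out.print("Caught proper exception: ");
      System.out.println(e.getMessage());
    }

    try {
      HttpsURLConnection.setDefaultSSLSocketFactory(null);
    } catch (IllegalArgumentException e) {
      System.out.print("Caught proper exception: ");
      System.out.println(e.getMessage());
    }

    try {
      urlc.setSSLSocketFactory(null);
    } catch (IllegalArgumentException e) {
      // The ": " separator was missing here, which glued the message onto the prefix.
      System.out.print("Caught proper exception: ");
      System.out.println(e.getMessage());
    }
    System.out.println("TESTS PASSED");
  }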
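  /**
   * Sets the default SSL socket factory to one whose trust manager is a fake class that trusts
   * all certificates, even the self-signed ones. This method uses the old deprecated API from
   * the <code>com.sun.net.ssl</code> package.
   *
   * <p>The factory is installed as the default of {@code com.sun.net.ssl.HttpsURLConnection},
   * so certificate-chain validation is switched off for every connection that relies on that
   * default, not only for the caller's own. Such connections are encrypted but the server is
   * not authenticated, so an on-path party presenting its own certificate is accepted.
   *
   * @throws IllegalStateException if the SSL context cannot be created or initialised; the
   *     underlying {@link GeneralSecurityException} is attached as the cause
   * @deprecated see {@link #_trustAllHttpsCertificates()}.
   */
  private static void __trustAllHttpsCertificates() {
    com.sun.net.ssl.SSLContext context;

    // Create a trust manager that does not validate certificate chains
    // (created once and kept in the static __trustManagers field).
    if (__trustManagers == null) {
      __trustManagers = new com.sun.net.ssl.TrustManager[] {new _FakeX509TrustManager()};
    } // if
    // Install the all-trusting trust manager
    try {
      context = com.sun.net.ssl.SSLContext.getInstance("SSL");
      context.init(null, __trustManagers, new SecureRandom());
    } catch (GeneralSecurityException gse) {
      // Same exception type and message as before, but keep the original exception as the
      // cause so the provider's stack trace is not lost. initCause is used rather than the
      // two-argument constructor because this legacy code may target a pre-Java-5 runtime.
      IllegalStateException failure = new IllegalStateException(gse.getMessage());
      failure.initCause(gse);
      throw failure;
    } // catch
    com.sun.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
  } // __trustAllHttpsCertificates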