/** * Creates trust managers using the receiver's trust store configuration. * * @param context context for status messages * @return an array of trust managers or {@code null} if no trust store configuration was provided * @throws NoSuchProviderException if a provider specified for one of the trust manager components * is not known to the platform * @throws NoSuchAlgorithmException if an algorithm specified for one of the trust manager * components is not known to the relevant provider * @throws KeyStoreException if an error occurs in reading a key store containing trust anchors */ private TrustManager[] createTrustManagers(ContextAware context) throws NoSuchProviderException, NoSuchAlgorithmException, KeyStoreException { if (getTrustStore() == null) return null; KeyStore trustStore = getTrustStore().createKeyStore(); context.addInfo( "trust store of type '" + trustStore.getType() + "' provider '" + trustStore.getProvider() + "': " + getTrustStore().getLocation()); TrustManagerFactory tmf = getTrustManagerFactory().createTrustManagerFactory(); context.addInfo( "trust manager algorithm '" + tmf.getAlgorithm() + "' provider '" + tmf.getProvider() + "'"); tmf.init(trustStore); return tmf.getTrustManagers(); }
protected CamelContext createPropertiesPlaceholderAwareContext() throws Exception { Properties supplementalProperties = new Properties(); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); SecureRandom sr = null; try { sr = SecureRandom.getInstance("SHA1PRNG"); } catch (NoSuchAlgorithmException e) { // Ignore } SSLContext sslc = SSLContext.getInstance("TLS"); sslc.init(null, null, null); SSLSocket socket = (SSLSocket) sslc.getSocketFactory().createSocket(); supplementalProperties.setProperty("keyStoreParameters.type", KeyStore.getDefaultType()); supplementalProperties.setProperty("keyStoreParameters.provider", ks.getProvider().getName()); supplementalProperties.setProperty( "keyManagersParameters.algorithm", KeyManagerFactory.getDefaultAlgorithm()); supplementalProperties.setProperty( "keyManagersParameters.provider", kmf.getProvider().getName()); supplementalProperties.setProperty( "trustManagersParameters.algorithm", TrustManagerFactory.getDefaultAlgorithm()); supplementalProperties.setProperty( "trustManagersParameters.provider", tmf.getProvider().getName()); if (sr != null) { supplementalProperties.setProperty("secureRandomParameters.algorithm", "SHA1PRNG"); supplementalProperties.setProperty( "secureRandomParameters.provider", sr.getProvider().getName()); } supplementalProperties.setProperty( "sslContextParameters.provider", sslc.getProvider().getName()); supplementalProperties.setProperty("cipherSuite.0", socket.getSupportedCipherSuites()[0]); // Have to skip this guy because he doesn't work with TLS as the SSLContext protocol String ssp = ""; for (String protocol : socket.getSupportedProtocols()) { if (!"SSLv2Hello".equals(protocol)) { ssp = protocol; break; } } supplementalProperties.setProperty("secureSocketProtocol.0", ssp); return this.createPropertiesPlaceholderAwareContext(supplementalProperties); }