public static synchronized void setGlobalSSLAuth( String keypath, String keypassword, String trustpath, String trustpassword) { // load the stores if defined try { if (trustpath != null && trustpassword != null) { truststore = KeyStore.getInstance(KeyStore.getDefaultType()); try (FileInputStream instream = new FileInputStream(new File(trustpath))) { truststore.load(instream, trustpassword.toCharArray()); } } else truststore = null; if (keypath != null && keypassword != null) { keystore = KeyStore.getInstance(KeyStore.getDefaultType()); try (FileInputStream instream = new FileInputStream(new File(keypath))) { keystore.load(instream, keypassword.toCharArray()); } } else keystore = null; } catch (IOException | NoSuchAlgorithmException | CertificateException | KeyStoreException ex) { log.error("Illegal -D keystore parameters: " + ex.getMessage()); truststore = null; keystore = null; } try { // set up the context SSLContext scxt = null; if (IGNORECERTS) { scxt = SSLContext.getInstance("TLS"); TrustManager[] trust_mgr = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String t) {} public void checkServerTrusted(X509Certificate[] certs, String t) {} } }; scxt.init( null, // key manager trust_mgr, // trust manager new SecureRandom()); // random number generator } else { SSLContextBuilder sslbuilder = SSLContexts.custom(); TrustStrategy strat = new LooseTrustStrategy(); if (truststore != null) sslbuilder.loadTrustMaterial(truststore, strat); else sslbuilder.loadTrustMaterial(strat); sslbuilder.loadTrustMaterial(truststore, new LooseTrustStrategy()); if (keystore != null) sslbuilder.loadKeyMaterial(keystore, keypassword.toCharArray()); scxt = sslbuilder.build(); } globalsslfactory = new SSLConnectionSocketFactory(scxt, new NoopHostnameVerifier()); RegistryBuilder rb = RegistryBuilder.<ConnectionSocketFactory>create(); rb.register("https", globalsslfactory); sslregistry = rb.build(); } catch (KeyStoreException | NoSuchAlgorithmException | KeyManagementException | UnrecoverableEntryException e) { log.error("Failed to set key/trust store(s): " + e.getMessage()); sslregistry = null; globalsslfactory = null; } }