/** * Creates an SSLContext that will present an impersonated certificate for the specified hostname to the client. * This is a convenience method for {@link #createImpersonatingSslContext(CertificateInfo)} that generates the * {@link CertificateInfo} from the specified hostname using the {@link #certificateInfoGenerator}. * * @param sslSession sslSession between the proxy and the upstream server * @param hostnameToImpersonate hostname (supplied by the client's HTTP CONNECT) that will be impersonated * @return an SSLContext presenting a certificate matching the hostnameToImpersonate */ private SslContext createImpersonatingSslContext(SSLSession sslSession, String hostnameToImpersonate) { // get the upstream server's certificate so the certificateInfoGenerator can (optionally) use it to construct a forged certificate X509Certificate originalCertificate = SslUtil.getServerCertificate(sslSession); // get the CertificateInfo that will be used to populate the impersonated X509Certificate CertificateInfo certificateInfo = certificateInfoGenerator.generate(Collections.singletonList(hostnameToImpersonate), originalCertificate); SslContext sslContext = createImpersonatingSslContext(certificateInfo); return sslContext; }
/** * Creates an SSLContext that will present an impersonated certificate for the specified hostname to the client. * This is a convenience method for {@link #createImpersonatingSslContext(CertificateInfo)} that generates the * {@link CertificateInfo} from the specified hostname using the {@link #certificateInfoGenerator}. * * @param sslSession sslSession between the proxy and the upstream server * @param hostnameToImpersonate hostname (supplied by the client's HTTP CONNECT) that will be impersonated * @return an SSLContext presenting a certificate matching the hostnameToImpersonate */ private SslContext createImpersonatingSslContext(SSLSession sslSession, String hostnameToImpersonate) { // get the upstream server's certificate so the certificateInfoGenerator can (optionally) use it to construct a forged certificate X509Certificate originalCertificate = SslUtil.getServerCertificate(sslSession); // get the CertificateInfo that will be used to populate the impersonated X509Certificate CertificateInfo certificateInfo = certificateInfoGenerator.generate(Collections.singletonList(hostnameToImpersonate), originalCertificate); SslContext sslContext = createImpersonatingSslContext(certificateInfo); return sslContext; }
/** * Creates an SSLContext that will present an impersonated certificate for the specified hostname to the client. * This is a convenience method for {@link #createImpersonatingSslContext(CertificateInfo)} that generates the * {@link CertificateInfo} from the specified hostname using the {@link #certificateInfoGenerator}. * * @param sslSession sslSession between the proxy and the upstream server * @param hostnameToImpersonate hostname (supplied by the client's HTTP CONNECT) that will be impersonated * @return an SSLContext presenting a certificate matching the hostnameToImpersonate */ private SslContext createImpersonatingSslContext(SSLSession sslSession, String hostnameToImpersonate) { // get the upstream server's certificate so the certificateInfoGenerator can (optionally) use it to construct a forged certificate X509Certificate originalCertificate = SslUtil.getServerCertificate(sslSession); // get the CertificateInfo that will be used to populate the impersonated X509Certificate CertificateInfo certificateInfo = certificateInfoGenerator.generate(Collections.singletonList(hostnameToImpersonate), originalCertificate); SslContext sslContext = createImpersonatingSslContext(certificateInfo); return sslContext; }