public HttpsClient(String host, String project) { SslConfigurator sslConfig = SslConfigurator.newInstance(); SSLContext ssl = sslConfig.createSSLContext(); this.target = ClientBuilder.newBuilder().sslContext(ssl).build().target(UriBuilder.fromUri("https://" + host).build()); if (project != null) { this.target = this.target.path(project); } }
/** * Get a new instance of a {@link SSLContext} configured using default configuration settings. * * The default SSL configuration is initialized from system properties. This method is a shortcut * for {@link #getDefaultContext(boolean) getDefaultContext(true)}. * * @return new instance of a default SSL context initialized from system properties. */ public static SSLContext getDefaultContext() { return getDefaultContext(true); }
@Override public JerseyClientBuilder keyStore(KeyStore keyStore, char[] password) { if (keyStore == null) { throw new NullPointerException(LocalizationMessages.NULL_KEYSTORE()); } if (password == null) { throw new NullPointerException(LocalizationMessages.NULL_KEYSTORE_PASWORD()); } if (sslConfigurator == null) { sslConfigurator = SslConfigurator.newInstance(); } sslConfigurator.keyStore(keyStore); sslConfigurator.keyPassword(password); sslContext = null; return this; }
/** * Get a new instance of a {@link SSLContext} configured using default configuration settings. * * If {@code readSystemProperties} parameter is set to {@code true}, the default SSL configuration * is initialized from system properties. * * @param readSystemProperties if {@code true}, the default SSL context will be initialized using * system properties. * @return new instance of a default SSL context initialized from system properties. */ public static SSLContext getDefaultContext(boolean readSystemProperties) { if (readSystemProperties) { return new SslConfigurator(true).createSSLContext(); } else { return DEFAULT_CONFIG_NO_PROPS.createSSLContext(); } }
@Override public JerseyClientBuilder trustStore(KeyStore trustStore) { if (trustStore == null) { throw new NullPointerException(LocalizationMessages.NULL_TRUSTSTORE()); } if (sslConfigurator == null) { sslConfigurator = SslConfigurator.newInstance(); } sslConfigurator.trustStore(trustStore); sslContext = null; return this; }
protected SSLContext createSSLContext(Map<String, String> sslConfigurations) { SslConfigurator sslConfigurator = SslConfigurator.newInstance(); String keyPassword = "keyPassword"; sslConfigurator.keyStoreType(sslConfigurations.get("keyStoreType")) .keyStoreFile(sslConfigurations.get("keyStorePath")) .keyStorePassword(sslConfigurations.get("keyStorePassword")) .trustStoreType(sslConfigurations.get("trustStoreType")) .trustStoreFile(sslConfigurations.get("trustStorePath")) .trustStorePassword(sslConfigurations.get("trustStorePassword")) .keyStoreProvider(sslConfigurations.get("keyStoreProvider")) .trustStoreProvider(sslConfigurations.get("trustStoreProvider")) .keyManagerFactoryAlgorithm(sslConfigurations.get("keyManagerFactoryAlgorithm")) .keyManagerFactoryProvider(sslConfigurations.get("keyManagerFactoryProvider")) .trustManagerFactoryAlgorithm(sslConfigurations.get("trustManagerFactoryAlgorithm")) .trustManagerFactoryProvider(sslConfigurations.get("trustManagerFactoryProvider")) .securityProtocol(sslConfigurations.get("protocol")); if (sslConfigurations.containsKey(keyPassword)) sslConfigurator.keyPassword(sslConfigurations.get(keyPassword)); return sslConfigurator.createSSLContext(); }
@Override public void run() { SslConfigurator sslConfig = SslConfigurator.newInstance() .trustStoreFile("./truststore_client") .trustStorePassword("asdfgh") .keyStoreFile("./keystore_client") .keyPassword("asdfgh"); final Client client = ClientBuilder.newBuilder().sslContext(sslConfig.createSSLContext()).build(); client.property(ClientProperties.CONNECT_TIMEOUT, 2000) .register(new MoxyJsonFeature())
private static Client initializeClient(DirectoryServerConfiguration directoryServerConfiguration) throws CertificateException { KeyStore trustStore = initializeKeyStore(directoryServerConfiguration.getReplicationCaCertificate()); SSLContext sslContext = SslConfigurator.newInstance() .securityProtocol("TLSv1.2") .trustStore(trustStore) .createSSLContext(); return ClientBuilder.newBuilder() .register(HttpAuthenticationFeature.basic("signal", directoryServerConfiguration.getReplicationPassword().getBytes())) .sslContext(sslContext) .build(); }
sslConfig = SslConfigurator.newInstance() .trustStoreBytes(truststoreFile != null ? truststoreFile : keyStoreFile) .trustStorePassword(config.getTruststorePassword() != null ? String.valueOf(config.getTruststorePassword()) : String.valueOf(config.getKeystorePassword())) .trustStoreType(config.getTrustStoreType()) .keyStoreBytes(keyStoreFile != null ? keyStoreFile : truststoreFile) .keyStorePassword(config.getKeystorePassword()); } else { sslConfig = SslConfigurator.newInstance() .keyStoreFile(config.getKeystorePath() == null ? config.getTruststorePath() : config.getKeystorePath()) .keyStorePassword(config.getKeystorePassword() == null ? config.getTruststorePassword() : config.getKeystorePassword()) .trustStoreFile(config.getTruststorePath() == null ? config.getKeystorePath() : config.getTruststorePath()) .trustStorePassword(config.getTruststorePassword() == null ? String.valueOf(config.getKeystorePassword()) : String.valueOf(config.getTruststorePassword())) .trustStoreType(config.getTrustStoreType()); sslContext = sslConfig.createSSLContext(); } catch (Exception e) { log.error("ERROR creating CLient SSL Context. " + e.getMessage() + " Falling back to Jersey Client without SSL. Rest Integration with '" + config.getUrl()
@Override public SSLContext get() { return sslConfiguratorCopy.createSSLContext(); } }),
/** * Sets the SSL context on the builder. * <p> * Separate so subclasses can call if desired. * * @param builder * The client builder to use. */ protected void setSslContext(ClientBuilder builder) { JreVersion version = JavaRuntimeUtils.getRuntimeVersion(); if (version == JreVersion.Java_7) { LOG.info("Running on 1.7 VM, manually setting security protocol to TLSv1.2"); SSLContext sslContext = SslConfigurator.newInstance(true) .securityProtocol("TLSv1.2") .createSSLContext(); builder.sslContext(sslContext); } else if (version == JreVersion.Unsupported) { LOG.error("Using an unsupported runtime only 1.7+ is supported"); } else if (version == JreVersion.Unknown) { LOG.warn("Using an unknown runtime, calls may not work"); } }
@Override protected Client createJerseyClient() throws Exception { SslConfigurator sslConfig = SslConfigurator.newInstance() .trustStoreFile(getResourcePath("bookie.truststore.jks")); SSLContext sslContext = sslConfig.createSSLContext(); return ClientBuilder.newBuilder().sslContext(sslContext) .hostnameVerifier((s1, s2) -> true) .build(); }
sslConfig.securityProtocol( getPropertyValue(gsConfigProperties, GEOSERVER_SSL_SECURITY_PROTOCOL, "TLS")); if (trustStoreFile != null) { try { sslConfig.trustStoreFile(trustStoreFile.getCanonicalPath()); } catch (final IOException e) { LOGGER.error( sslConfig.trustStorePassword( getPropertyValue(gsConfigProperties, GEOSERVER_SSL_TRUSTSTORE_PASS)); sslConfig.trustStoreType( getPropertyValue(gsConfigProperties, GEOSERVER_SSL_TRUSTSTORE_TYPE)); sslConfig.trustStoreProvider( getPropertyValue(gsConfigProperties, GEOSERVER_SSL_TRUSTSTORE_PROVIDER)); sslConfig.trustManagerFactoryAlgorithm( getPropertyValue(gsConfigProperties, GEOSERVER_SSL_TRUSTMGR_ALG)); sslConfig.trustManagerFactoryProvider( getPropertyValue(gsConfigProperties, GEOSERVER_SSL_TRUSTMGR_PROVIDER)); if (keyStoreFile != null) { try { sslConfig.keyStoreFile(keyStoreFile.getCanonicalPath()); } catch (final IOException e) { LOGGER.error(
public static Client buildClient(RestClientConfig clientConfig) { Client client; if (clientConfig.isDisabledSecureConnection()) { client = ClientBuilder.newBuilder().build(); } else { SslConfigurator sslConfig = SslConfigurator.newInstance() .trustStore(getTrustStore()) .trustStorePassword(getTrustStorePassword()) .securityProtocol(TLSV1_2); SSLContext sslContext = sslConfig.createSSLContext(); client = ClientBuilder.newBuilder().sslContext(sslContext).build(); } client.register(RestClientLoggingFilter.class); return client; }
@Override public JerseyClientBuilder trustStore(KeyStore trustStore) { if (trustStore == null) { throw new NullPointerException(LocalizationMessages.NULL_TRUSTSTORE()); } if (sslConfigurator == null) { sslConfigurator = SslConfigurator.newInstance(); } sslConfigurator.trustStore(trustStore); sslContext = null; return this; }
/** * Get a new instance of a {@link SSLContext} configured using default configuration settings. * * If {@code readSystemProperties} parameter is set to {@code true}, the default SSL configuration * is initialized from system properties. * * @param readSystemProperties if {@code true}, the default SSL context will be initialized using * system properties. * @return new instance of a default SSL context initialized from system properties. */ public static SSLContext getDefaultContext(boolean readSystemProperties) { if (readSystemProperties) { return new SslConfigurator(true).createSSLContext(); } else { return DEFAULT_CONFIG_NO_PROPS.createSSLContext(); } }
@Override public SSLContext get() { return sslConfiguratorCopy.createSSLContext(); } }),
private WebTarget getWebTarget() { if (webTarget == null) { String url = getConfig().getUrl(); if (url != null) { url = url.trim().toLowerCase(Locale.ROOT); Client client = null; if (url.startsWith("http://")) { client = ClientBuilder.newClient(); } else if (url.startsWith("https://")) { final SslConfigurator sslConfig = SslConfigurator.newInstance(); if (getConfig().getGsConfigProperties() != null) { loadSSLConfigurations(sslConfig, getConfig().getGsConfigProperties()); } final SSLContext sslContext = sslConfig.createSSLContext(); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); client = ClientBuilder.newBuilder().sslContext(sslContext).build(); } if (client != null) { client.register( HttpAuthenticationFeature.basic(getConfig().getUser(), getConfig().getPass())); try { webTarget = client.target(new URI(url)); } catch (final URISyntaxException e) { LOGGER.error("Unable to parse geoserver URL: " + url, e); } } } } return webTarget; }
@Override public JerseyClientBuilder keyStore(KeyStore keyStore, char[] password) { if (keyStore == null) { throw new NullPointerException(LocalizationMessages.NULL_KEYSTORE()); } if (password == null) { throw new NullPointerException(LocalizationMessages.NULL_KEYSTORE_PASWORD()); } if (sslConfigurator == null) { sslConfigurator = SslConfigurator.newInstance(); } sslConfigurator.keyStore(keyStore); sslConfigurator.keyPassword(password); sslContext = null; return this; }
@Override public JerseyClientBuilder trustStore(KeyStore trustStore) { if (trustStore == null) { throw new NullPointerException(LocalizationMessages.NULL_TRUSTSTORE()); } if (sslConfigurator == null) { sslConfigurator = SslConfigurator.newInstance(); } sslConfigurator.trustStore(trustStore); sslContext = null; return this; }