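/**
 * Creates the key managers to be used by the factory from the associated key store and password.
 *
 * <p>The factory is obtained for {@link KeyManagerFactory#getDefaultAlgorithm()} and initialised
 * with {@code this.keyStore} and the characters of {@code this.keyStorePassword}.
 *
 * @return the newly created array of key managers
 * @throws ClientSslSocketFactoryException if the default key manager algorithm is not available,
 *         a key cannot be recovered from the key store, or the key store operation fails
 */
private KeyManager[] createKeyManagers() throws ClientSslSocketFactoryException {
    // Resolve the algorithm once so the error message names the value that was actually requested.
    final String algorithm = KeyManagerFactory.getDefaultAlgorithm();

    // A missing password used to surface as a NullPointerException from toCharArray(); pass null
    // through instead so the provider decides, and any failure it reports is wrapped below.
    // NOTE(review): keyStorePassword appears to be held as a String (toCharArray() is called on
    // it), so the secret stays on the heap as long as the owning object does - confirm whether
    // the owning class can hold a char[] that is cleared after use.
    final char[] password =
            this.keyStorePassword != null ? this.keyStorePassword.toCharArray() : null;

    final KeyManagerFactory factory;
    try {
        factory = KeyManagerFactory.getInstance(algorithm);
        factory.init(this.keyStore, password);
    } catch (NoSuchAlgorithmException e) {
        throw new ClientSslSocketFactoryException(
                String.format("Failed to create the key store because the algorithm %s is not supported. ",
                        algorithm), e);
    } catch (UnrecoverableKeyException e) {
        throw new ClientSslSocketFactoryException(
                "Unrecoverable Key Exception initializing key manager factory; this is probably fatal", e);
    } catch (KeyStoreException e) {
        throw new ClientSslSocketFactoryException(
                "KeyStore exception initializing key manager factory; this is probably fatal", e);
    }

    final KeyManager[] managers = factory.getKeyManagers();
    // Only the count is logged; key material and the password never reach the log.
    LOGGER.debug("Key managers are initialized. Total {} managers. ", managers.length);
    return managers;
}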
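/**
 * Creates the trust managers to be used by the factory from the configured trust store.
 *
 * <p>The factory is obtained for {@link TrustManagerFactory#getDefaultAlgorithm()} and
 * initialised with {@code this.trustStore}.
 *
 * @return the newly created array of trust managers
 * @throws ClientSslSocketFactoryException if the default trust manager algorithm is not
 *         available or the trust store operation fails
 */
private TrustManager[] createTrustManagers() throws ClientSslSocketFactoryException {
    // Resolve the algorithm once; the error message previously reported the KeyManagerFactory
    // default, which is a different setting and could name the wrong algorithm when
    // trust manager initialisation fails.
    final String algorithm = TrustManagerFactory.getDefaultAlgorithm();

    final TrustManagerFactory factory;
    try {
        factory = TrustManagerFactory.getInstance(algorithm);
        factory.init(this.trustStore);
    } catch (NoSuchAlgorithmException e) {
        throw new ClientSslSocketFactoryException(
                String.format("Failed to create the trust store because the algorithm %s is not supported. ",
                        algorithm), e);
    } catch (KeyStoreException e) {
        throw new ClientSslSocketFactoryException(
                "KeyStore exception initializing trust manager factory; this is probably fatal", e);
    }

    final TrustManager[] managers = factory.getTrustManagers();
    LOGGER.debug("TrustManagers are initialized. Total {} managers: ", managers.length);
    return managers;
}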
/**
 * Builds the SSL context from which this factory obtains its socket factory.
 *
 * <p>Both the key store and the trust store are optional. When either is {@code null} the
 * corresponding manager array is left {@code null}, which makes {@link SSLContext#init} fall
 * back to the JRE defaults for that role.
 *
 * @return the newly created SSL context
 * @throws ClientSslSocketFactoryException if the configured key or trust store cannot be
 *         loaded, the requested protocol is unavailable, or the context cannot be initialised
 */
private SSLContext createSSLContext() throws ClientSslSocketFactoryException {
    // Key managers are created first, then trust managers, each only when its store is set.
    KeyManager[] keyManagers = null;
    if (this.keyStore != null) {
        keyManagers = createKeyManagers();
    }

    TrustManager[] trustManagers = null;
    if (this.trustStore != null) {
        trustManagers = createTrustManagers();
    }

    // NOTE(review): SOCKET_ALGORITHM is declared outside this view - confirm it names a current
    // TLS protocol. Nothing here restricts the protocol versions or cipher suites enabled on the
    // sockets created later, so that has to happen where the sockets are configured.
    final SSLContext context;
    try {
        context = SSLContext.getInstance(SOCKET_ALGORITHM);
        // A null SecureRandom selects the default implementation.
        context.init(keyManagers, trustManagers, null);
    } catch (NoSuchAlgorithmException e) {
        throw new ClientSslSocketFactoryException(
                String.format("Failed to create an SSL context that supports algorithm %s: %s",
                        SOCKET_ALGORITHM, e.getMessage()), e);
    } catch (KeyManagementException e) {
        throw new ClientSslSocketFactoryException(
                String.format("Failed to initialize an SSL context: %s", e.getMessage()), e);
    }
    return context;
}
keyStore.load(is, password.toCharArray()); } catch (NoSuchAlgorithmException e) { throw new ClientSslSocketFactoryException(String.format("Failed to create a keystore that supports algorithm %s: %s", SOCKET_ALGORITHM, e.getMessage()), e); } catch (CertificateException e) { throw new ClientSslSocketFactoryException(String.format("Failed to create keystore with algorithm %s due to certificate exception: %s", SOCKET_ALGORITHM, e.getMessage()), e); } finally { try { throw new ClientSslSocketFactoryException(String.format("KeyStore exception creating keystore: %s", e.getMessage()), e); } catch (IOException e) { throw new ClientSslSocketFactoryException(String.format("IO exception creating keystore: %s", e.getMessage()), e);