X509Certificate[] certs = socket.peerCertificateChain(); if (clientCert != Cert.NONE) { assertNotNull(certs); clientPeerCert = socket.peerCertificateChain()[0]; } catch (SSLPeerUnverifiedException ignore) { assertTrue(socket.isSsl()); try { clientPeerCert = socket.peerCertificateChain()[0]; } catch (SSLPeerUnverifiedException ignore) {
X509Certificate[] certs = socket.peerCertificateChain(); if (clientCert != Cert.NONE) { assertNotNull(certs); clientPeerCert = socket.peerCertificateChain()[0]; } catch (SSLPeerUnverifiedException ignore) { assertTrue(socket.isSsl()); try { clientPeerCert = socket.peerCertificateChain()[0]; } catch (SSLPeerUnverifiedException ignore) {
public CertInfo(NetSocket netSocket) { try { this.certs = netSocket.peerCertificateChain(); } catch(SSLPeerUnverifiedException e) { logger.error(e.getMessage(), e); } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); // TODO determine supported mechanisms dynamically based on registered AuthenticationService implementations sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(MECHANISM_EXTERNAL, MECHANISM_PLAIN); if (socket.isSsl()) { LOG.debug("client connected using TLS, extracting client certificate chain"); try { peerCertificateChain = socket.peerCertificateChain(); LOG.debug("found valid client certificate DN [{}]", peerCertificateChain[0].getSubjectDN()); } catch (final SSLPeerUnverifiedException e) { LOG.debug("could not extract client certificate chain, maybe TLS based client auth is not required"); } } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); // TODO determine supported mechanisms dynamically based on registered AuthenticationService implementations sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(MECHANISM_EXTERNAL, MECHANISM_PLAIN); if (socket.isSsl()) { LOG.debug("client connected using TLS, extracting client certificate chain"); try { peerCertificateChain = socket.peerCertificateChain(); LOG.debug("found valid client certificate DN [{}]", peerCertificateChain[0].getSubjectDN()); } catch (final SSLPeerUnverifiedException e) { LOG.debug("could not extract client certificate chain, maybe TLS based client auth is not required"); } } }
@Override public void init(final NetSocket socket, final ProtonConnection protonConnection, final Transport transport) { LOG.debug("initializing SASL authenticator"); this.protonConnection = protonConnection; this.sasl = transport.sasl(); // TODO determine supported mechanisms dynamically based on registered AuthenticationService implementations sasl.server(); sasl.allowSkip(false); sasl.setMechanisms(MECHANISM_EXTERNAL, MECHANISM_PLAIN); if (socket.isSsl()) { LOG.debug("client connected using TLS, extracting client certificate chain"); try { peerCertificateChain = socket.peerCertificateChain(); LOG.debug("found valid client certificate DN [{}]", peerCertificateChain[0].getSubjectDN()); } catch (SSLPeerUnverifiedException e) { LOG.debug("could not extract client certificate chain, maybe TLS based client auth is not required"); } } }
if (be.socket().isSsl()) { try { for (X509Certificate c : be.socket().peerCertificateChain()) { l.info(c.getSubjectDN().toString());
if (be.socket().isSsl()) { try { for (X509Certificate c : be.socket().peerCertificateChain()) { l.info(c.getSubjectDN().toString());