Examples of SSLSocketFactory

javax.net.ssl.SSLSocketFactory
org.apache.http.conn.ssl.SSLSocketFactory
Layered socket factory for TLS/SSL connections.
SSLSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates and to authenticate to the HTTPS server using a private key.
SSLSocketFactory will enable server authentication when supplied with a {@link KeyStore trust-store} file containing one or several trusted certificates. The clientsecure socket will reject the connection during the SSL session handshake if the target HTTPS server attempts to authenticate itself with a non-trusted certificate.
Use JDK keytool utility to import a trusted certificate and generate a trust-store file:
```
 keytool -import -alias "my server cert" -file server.crt -keystore my.truststore 
```
In special cases the standard trust verification process can be bypassed by using a custom {@link TrustStrategy}. This interface is primarily intended for allowing self-signed certificates to be accepted as trusted without having to add them to the trust-store file.
The following parameters can be used to customize the behavior of this class:
- {@link org.apache.http.params.CoreConnectionPNames#CONNECTION_TIMEOUT}
- {@link org.apache.http.params.CoreConnectionPNames#SO_TIMEOUT}
- {@link org.apache.http.params.CoreConnectionPNames#SO_REUSEADDR}
SSLSocketFactory will enable client authentication when supplied with a {@link KeyStore key-store} file containing a private key/public certificatepair. The client secure socket will use the private key to authenticate itself to the target HTTPS server during the SSL session handshake if requested to do so by the server. The target HTTPS server will in its turn verify the certificate presented by the client in order to establish client's authenticity
Use the following sequence of actions to generate a key-store file
- Use JDK keytool utility to generate a new key
```
keytool -genkey -v -alias "my client key" -validity 365 -keystore my.keystore
```
  For simplicity use the same password for the key as that of the key-store
- Issue a certificate signing request (CSR)
```
keytool -certreq -alias "my client key" -file mycertreq.csr -keystore my.keystore
```
- Send the certificate request to the trusted Certificate Authority for signature. One may choose to act as her own CA and sign the certificate request using a PKI tool, such as OpenSSL.
- Import the trusted CA root certificate
```
keytool -import -alias "my trusted ca" -file caroot.crt -keystore my.keystore
```
- Import the PKCS#7 file containg the complete certificate chain
```
keytool -import -alias "my client key" -file mycert.p7 -keystore my.keystore
```
- Verify the content the resultant keystore file
```
keytool -list -v -keystore my.keystore
```
@since 4.0
org.mule.transport.ssl.SslSocketFactory

Examples of javax.net.ssl.SSLSocketFactory

   */
  public HttpConnection createHttpsConnection(String host, int port) 
    throws IOException
  {
    HttpConnection connection = null;
    SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
    SSLSocket socket = null;


    if (! useProxy) {
      
      socket = (SSLSocket)factory.createSocket(host,port);


    } else {
      
      Socket tunnel = new Socket(proxyHost, proxyPort);
      doTunnelHandshake(tunnel, host, port);
      
      /*
       * Ok, let's overlay the tunnel socket with SSL.
       */
      socket = (SSLSocket)factory.createSocket(tunnel, host, port, true);
      
      /*
       * send http request
       *
       * See SSLSocketClient.java for more information about why

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

                        throw new FtpException(
                                "Data connection SSL not configured");
                    }


                    // get socket factory
                    SSLSocketFactory socFactory = ssl.getSocketFactory();


                    // create socket
                    SSLSocket ssoc = (SSLSocket) socFactory.createSocket();
                    ssoc.setUseClientMode(false);


                    // initialize socket
                    if (ssl.getEnabledCipherSuites() != null) {
                        ssoc.setEnabledCipherSuites(ssl.getEnabledCipherSuites());
                    }
                    dataSoc = ssoc;
                } else {
                    LOG.debug("Opening active data connection");
                    dataSoc = new Socket();
                }


                dataSoc.setReuseAddress(true);


                InetAddress localAddr = resolveAddress(dataConfig
                        .getActiveLocalAddress());


                // if no local address has been configured, make sure we use the same as the client connects from
                if(localAddr == null) {
                    localAddr = ((InetSocketAddress)session.getLocalAddress()).getAddress();
                }       


                SocketAddress localSocketAddress = new InetSocketAddress(localAddr, dataConfig.getActiveLocalPort());
                
                LOG.debug("Binding active data connection to {}", localSocketAddress);
                dataSoc.bind(localSocketAddress);


                dataSoc.connect(new InetSocketAddress(address, port));
            } else {


                if (secure) {
                    LOG.debug("Opening secure passive data connection");
                    // this is where we wrap the unsecured socket as a SSLSocket. This is 
                    // due to the JVM bug described in FTPSERVER-241.


                    // get server socket factory
                    SslConfiguration ssl = getSslConfiguration();
                    
                    // we've already checked this, but let's do it again
                    if (ssl == null) {
                        throw new FtpException(
                                "Data connection SSL not configured");
                    }


                    SSLSocketFactory ssocketFactory = ssl.getSocketFactory();


                    Socket serverSocket = servSoc.accept();


                    SSLSocket sslSocket = (SSLSocket) ssocketFactory
                            .createSocket(serverSocket, serverSocket
                                    .getInetAddress().getHostAddress(),
                                    serverSocket.getPort(), true);
                    sslSocket.setUseClientMode(false);

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

        Socket createSocket(InetSocketAddress addr) throws Exception {
            return new Socket(addr.getAddress(), addr.getPort());
        }


        Socket createSSLSocket(InetSocketAddress addr) throws Exception {
            SSLSocketFactory sslsocketfactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
            return sslsocketfactory.createSocket(addr.getAddress(), addr.getPort());
        }

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

      context.init(km, getTrustManager(), new SecureRandom());
      setSslContext(context);
    }
    
    if(getSslSocketFactory()==null) {
      SSLSocketFactory factory = getSslContext().getSocketFactory();
      setSslSocketFactory(factory);
    }
  }

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

        
          SSLContext sc = SSLContext.getInstance("SSL");
        
          sc.init(null, trustAllCerts, RandomUtils.SECURE_RANDOM );
        
          SSLSocketFactory factory = sc.getSocketFactory();


          try{
            socket_out = factory.createSocket();
            
            socket_out.connect( new InetSocketAddress( delegate_to_host, delegate_to_port ), CONNECT_TIMEOUT );
          
          }catch( SSLException ssl_excep ){
                        
            factory = SESecurityManager.installServerCertificates( "AZ-sniffer:" + delegate_to_host + ":" + port, delegate_to_host, delegate_to_port );
            
            socket_out = factory.createSocket();
            
            socket_out.connect( new InetSocketAddress( delegate_to_host, delegate_to_port ), 30*1000 );          
          }
        }else{

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

   */
  public void connect() throws IOException {
    if (level != 0) // otherwise disconnected or connect
      throw new SocketException("Socket closed or already open ("+ level +")");
    IOException exception = null;
    SSLSocketFactory sf = null;
    SSLSocket s = null;
    for (int i = 0; i < ports.length && s == null; i++) {
      try {
        if (sf == null)
          sf = getSocketFactory();
        s = (SSLSocket)sf.createSocket(host, ports[i]);
        s.startHandshake();
        exception = null; 
      } catch (IOException exc) {
        if (s != null)
          s.close();

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

      addTrustManager(new SSLDefaultTrustManager());
    try {
      Security.addProvider(new Provider());
      SSLContext context = SSLContext.getInstance("SSL");
      context.init(null, getTrustManagers(), null);
      SSLSocketFactory socketFactory = context.getSocketFactory();
      return socketFactory;
    } catch (Exception exc) {
      StringWriter sw = new StringWriter();
      PrintWriter pw = new PrintWriter(sw);
      exc.printStackTrace(pw);

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

               proxyPort = "3128";
            trFact.setProxy(proxyHost, Integer.parseInt(proxyPort));
         }
         if (isSSL) {
            SocketUrl socketUrl = new SocketUrl(glob, xmlRpcUrl.getHostname(), xmlRpcUrl.getPort());
            SSLSocketFactory ssf = socketUrl.createSocketFactorySSL(address);
            if (ssf != null)
               trFact.setSSLSocketFactory(ssf);
            else
               log.warning("The SSL Socket Factory was null but SSL is required");
         }

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

   * @return a SSLSocket
   * @throws IOException when creating the socket failed
   */
  public SSLSocket createSSLSocket(Socket socket) throws IOException
  {
    SSLSocketFactory sf = ((SSLSocketFactory) SSLSocketFactory.getDefault());
    InetSocketAddress remoteAddress = (InetSocketAddress) socket.getRemoteSocketAddress();
    SSLSocket s = (SSLSocket) (sf.createSocket(socket, remoteAddress.getHostName(), socket.getPort(), true));


    // we are a server
    s.setUseClientMode(false);


    // allow all supported cipher suites

View Full Code Here

Examples of javax.net.ssl.SSLSocketFactory

                            createJettySslClientConfigurer(sslClientPolicy, 
                                                           "https://dummyurl",
                                                           handler);


        jettySslClientConfigurer.configure();
        SSLSocketFactory sSLSocketFactory = 
                jettySslClientConfigurer.getHttpsConnection().getSSLSocketFactory();
        
        assertTrue("sSLSocketFactory not correct, sSLSocketFactory = " + sSLSocketFactory,
                   sSLSocketFactory instanceof SSLSocketFactoryWrapper);
        assertTrue("Keystore loaded success message not present",

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.