How do you create SSL socket factory in new Apache Http Client 4.3?

How do you create an SSL socket factory in the new Apache Http Client 4.3?

Here is how I was creating it before 4.3:

val ts = new TrustStrategy() {
  def isTrusted(chain: Array[X509Certificate], authType: String): Boolean = true
}

new SSLSocketFactory(ts, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)

Now SSLSocketFactory is marked as deprecated. What is the new way of defining a custom TrustStrategy? I couldn't figure it out.

Freesia answered 28/9, 2013 at 0:20 Comment(0)

Well, I figured it out.

Initialize your ConnectionSocketFactory like this:

val sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy).useTLS().build()
new SSLConnectionSocketFactory(sslContext, new AllowAllHostnameVerifier())

If you take a look at the sources of TrustSelfSignedStrategy, the way they distinguish self-signed certificates from real ones is by checking the length of the chain.

public boolean isTrusted(
        final X509Certificate[] chain, final String authType) throws CertificateException {
    return chain.length == 1;
}

I'm not sure it's a very reliable way, but just keep it in mind. Maybe it's worth checking the given X509Certificate in isTrusted.

Freesia answered 30/9, 2013 at 3:10 Comment(2)
What exactly does this null value mean? "SSLContexts.custom().loadTrustMaterial(null, ..." Regards - Leoraleos
@Zilevav it's an instance of an object with the key-store (java.security.KeyStore). - Freesia
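
Following the answer's suggestion to inspect the certificate inside isTrusted, here is an added example (not from the original answer or from the Apache HttpClient project): a TrustStrategy that accepts a lone self-signed certificate only when it is valid, verifies under its own key, and matches a pinned SHA-256 fingerprint, with hostname verification left on. The class name PinnedSelfSignedStrategy and the all-zero fingerprint are constructed placeholders, and HttpClient 4.3 is assumed on the classpath.

```java
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;

// Added example (hypothetical class): trusts exactly one pinned self-signed certificate.
public class PinnedSelfSignedStrategy implements TrustStrategy {
    private final String pinnedSha256Hex; // hex SHA-256 of the DER-encoded certificate
    public PinnedSelfSignedStrategy(String pinnedSha256Hex) {
        this.pinnedSha256Hex = pinnedSha256Hex.toLowerCase();
    }

    @Override
    public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        if (chain == null || chain.length != 1) {
            return false; // not a lone certificate: the regular trust manager decides
        }
        X509Certificate cert = chain[0];
        cert.checkValidity(); // throws if expired or not yet valid
        if (!cert.getSubjectX500Principal().equals(cert.getIssuerX500Principal())) {
            return false; // issuer differs from subject, so not self-signed
        }
        try {
            cert.verify(cert.getPublicKey()); // signature must verify under its own key
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
            return String.format("%064x", new BigInteger(1, digest)).equals(pinnedSha256Hex);
        } catch (GeneralSecurityException e) {
            throw new CertificateException("self-signed certificate check failed", e);
        }
    }
    public static void main(String[] args) throws Exception {
        // Constructed placeholder pin; use the fingerprint of your own server certificate.
        String pin = "0000000000000000000000000000000000000000000000000000000000000000";
        SSLContext sslContext = SSLContexts.custom()
                .loadTrustMaterial(null, new PinnedSelfSignedStrategy(pin)) // null = JRE default trust store
                .useTLS().build();
        SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(
                sslContext, SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); // hostname check on
        CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(factory).build();
        client.close(); // a real caller would issue requests before closing
    }
}
```

When isTrusted returns false, the trust manager built from the supplied KeyStore still validates the chain, so certificates issued by CAs in that store keep working alongside the pinned one.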
