DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=21257>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=21257 [HttpClient][patch]A more flexible SSLProtocolSocketFactory WRT SSLSocketFactory. ------- Additional Comments From [EMAIL PROTECTED] 2004-06-08 11:25 ------- Ive always used this code to allow selfsigned CA. A bit different code than previous one, but same idea. /* * ==================================================================== * * Copyright 2002-2004 The Apache Software Foundation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * <http://www.apache.org/>. * * [Additional notices, if required by prior licensing conditions] * */ package org.apache.commons.httpclient.contrib.ssl; import java.io.IOException; import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; /** * Usage: * <blockquote> * 1) register a common protocol handler * Protocol.registerProtocol("https", * new Protocol("https", new SelfSignedSSLProtocolSocketFactory(), 443)); * * 2) register per client instance * Protocol httpsProtocol = new Protocol( * "https", new SelfSignedSSLProtocolSocketFactory(), 443); * HttpClient client = new HttpClient(); * client.getHostConfiguration().setHost("localhost", 443, httpsProtocol); * </blockquote> */ public class SelfSignedSSLProtocolSocketFactory implements SecureProtocolSocketFactory { private static class TM implements X509TrustManager { public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } } private static SSLSocketFactory getSocketFactory() { try { SSLContext context = SSLContext.getInstance("SSL"); context.init(null, new TrustManager[] {new TM()}, null); return context.getSocketFactory(); } catch (Exception e) { throw new RuntimeException(e); } } public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException { return getSocketFactory().createSocket(host, port, clientHost, clientPort); } public Socket createSocket(String host, int port) throws IOException, UnknownHostException { return getSocketFactory().createSocket(host, port); } public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return getSocketFactory().createSocket(socket, host, port, autoClose); } } --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
