Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

• org.apache.cxf.configuration.jsse.TLSClientParameters
  This class extends {@link TLSParameterBase} with client-specificSSL/TLS parameters.

                                   ? url.openConnection(proxy)
                                   : url.openConnection());
        if (HTTPS_URL_PROTOCOL_ID.equals(url.getProtocol())) {

            if (tlsClientParameters == null) {
                tlsClientParameters = new TLSClientParameters();
            }

            Exception ex = null;
            try {
                decorateWithTLS(tlsClientParameters, connection);

            //ignore, just use info based on Tls
        }
        if (useHttps
            || configuredConduit.getTlsClientParameters() != null) {

            TLSClientParameters params = configuredConduit.getTlsClientParameters();
            if (params == null) {
                params = new TLSClientParameters(); //use defaults
            }
            fac = new HttpsURLConnectionFactory(params);
        } else {
            fac = new HttpURLConnectionFactoryImpl();
        }

    T rootResource = bean.create(proxyType);
    ClientConfiguration config = WebClient.getConfig(rootResource);
    HTTPConduit conduit = (HTTPConduit) config.getConduit();
    if (isTlsEnabled) {
      TLSClientParameters tlsParams = new TLSClientParameters();
      if (!validateCerts) {
        tlsParams.setTrustManagers(new TrustManager[] { new AcceptAllTrustManager() });
      }
      else if (trustManagers != null) {
        tlsParams.setTrustManagers(trustManagers);
      }
      tlsParams.setDisableCNCheck(!validateCn);
      conduit.setTlsClientParameters(tlsParams);
    }

    HTTPClientPolicy policy = conduit.getClient();
    policy.setConnectionTimeout(

        } catch (Exception e) {
            e.printStackTrace();
        }
        HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();

        TLSClientParameters tlsCP = new TLSClientParameters();
        String keyPassword = "password";
        KeyStore keyStore = KeyStore.getInstance("JKS");
        String keyStoreLoc = contextPath + "/wibble.jks";
        keyStore.load(new FileInputStream(keyStoreLoc), keyPassword.toCharArray());
        KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
        tlsCP.setKeyManagers(myKeyManagers);


        KeyStore trustStore = KeyStore.getInstance("JKS");
        String trustStoreLoc = contextPath + "/truststore.jks";
        trustStore.load(new FileInputStream(trustStoreLoc), keyPassword.toCharArray());
        TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
        tlsCP.setTrustManagers(myTrustStoreKeyManagers);

        //The following is not recommended and would not be done in a prodcution environment,
        //this is just for illustrative purpose
        tlsCP.setDisableCNCheck(true);

        httpConduit.setTlsClientParameters(tlsCP);

    }

                                   ? url.openConnection(proxy)
                                   : url.openConnection());
        if (HTTPS_URL_PROTOCOL_ID.equals(url.getProtocol())) {

            if (tlsClientParameters == null) {
                tlsClientParameters = new TLSClientParameters();
            }

            Exception ex = null;
            try {
                decorateWithTLS(tlsClientParameters, connection);

        }
        if (address == null) {
            useHttps = configuredConduit.getTlsClientParameters() != null;
        }
        if (useHttps) {
            TLSClientParameters params = configuredConduit.getTlsClientParameters();
            if (params == null) {
                params = new TLSClientParameters(); //use defaults
            }
            fac = new HttpsURLConnectionFactory(params);
        } else {
            fac = new HttpURLConnectionFactoryImpl();
        }

        HTTPConduit conduit = new HTTPConduit(bus, ei, null);
        conduit.finalizeConfig();

        Message message = getNewMessage();
        // We need an SSL policy, or we can't use "https".
        conduit.setTlsClientParameters(new TLSClientParameters());

        // Test call
        conduit.prepare(message);

        assertTrue("TLS Client Parameters should generate an HttpsURLConnection",

    private static void setupTLS(Greeter port)
        throws FileNotFoundException, IOException, GeneralSecurityException {
        String keyStoreLoc = "src/main/config/clientKeystore.jks";
        HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();

        TLSClientParameters tlsCP = new TLSClientParameters();
        String keyPassword = "ckpass";
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
        KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
        tlsCP.setKeyManagers(myKeyManagers);


        KeyStore trustStore = KeyStore.getInstance("JKS");
        trustStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
        TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
        tlsCP.setTrustManagers(myTrustStoreKeyManagers);

        httpConduit.setTlsClientParameters(tlsCP);
    }

                                   ? url.openConnection(proxy)
                                   : url.openConnection());
        if (HTTPS_URL_PROTOCOL_ID.equals(url.getProtocol())) {

            if (tlsClientParameters == null) {
                tlsClientParameters = new TLSClientParameters();
            }

            Exception ex = null;
            try {
                decorateWithTLS(tlsClientParameters, connection);

                    RegistryBuilder<SchemeIOSessionStrategy> regBuilder
                        = RegistryBuilder.<SchemeIOSessionStrategy>create()
                            .register("http", NoopIOSessionStrategy.INSTANCE);

                    // check tlsClientParameters from message header
                    TLSClientParameters tlsClientParameters = outMessage.get(TLSClientParameters.class);
                    if (tlsClientParameters == null) {
                        tlsClientParameters = getTlsClientParameters();
                    }
                    if (tlsClientParameters == null) {
                        tlsClientParameters = new TLSClientParameters();
                    }
                    final SSLContext sslcontext = getSSLContext(tlsClientParameters);
                    regBuilder
                        .register("https",
                                  new SSLIOSessionStrategy(sslcontext) {
                                @Override
                                protected void initializeEngine(SSLEngine engine) {
                                    initializeSSLEngine(sslcontext, engine);
                                }
                                @Override
                                protected void verifySession(final HttpHost host,
                                                             final IOSession iosession,
                                                             final SSLSession sslsession) throws SSLException {
                                    iosession.setAttribute("cxf.handshake.done", Boolean.TRUE);
                                    setSSLSession(sslsession);
                                }
                            });
                    ctx.setAttribute("http.iosession-factory-registry", regBuilder.build());
                } catch (GeneralSecurityException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }
            }


            if (sslURL != null && !sslURL.equals(url)) {
                sslURL = null;
                sslState = null;
                session = null;
            }
            if (tlsClientParameters != null && tlsClientParameters.hashCode() == lastTlsHash) {
                ctx.setUserToken(sslState);
            }

            connectionFuture = new BasicFuture<Boolean>(callback);
            HttpAsyncClient c = getHttpAsyncClient();