Examples of SSLConnectionSocketFactory

• org.apache.http.conn.ssl.SSLConnectionSocketFactory
  Layered socket factory for TLS/SSL connections.

  SSLSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates and to authenticate to the HTTPS server using a private key.

  SSLSocketFactory will enable server authentication when supplied with a {@link java.security.KeyStore trust-store} file containing one or several trusted certificates. The clientsecure socket will reject the connection during the SSL session handshake if the target HTTPS server attempts to authenticate itself with a non-trusted certificate.

  Use JDK keytool utility to import a trusted certificate and generate a trust-store file:

   keytool -import -alias "my server cert" -file server.crt -keystore my.truststore 

  In special cases the standard trust verification process can be bypassed by using a custom {@link org.apache.http.conn.ssl.TrustStrategy}. This interface is primarily intended for allowing self-signed certificates to be accepted as trusted without having to add them to the trust-store file.

  SSLSocketFactory will enable client authentication when supplied with a {@link java.security.KeyStore key-store} file containing a private key/public certificatepair. The client secure socket will use the private key to authenticate itself to the target HTTPS server during the SSL session handshake if requested to do so by the server. The target HTTPS server will in its turn verify the certificate presented by the client in order to establish client's authenticity.

  Use the following sequence of actions to generate a key-store file

  • Use JDK keytool utility to generate a new key

    keytool -genkey -v -alias "my client key" -validity 365 -keystore my.keystore

    For simplicity use the same password for the key as that of the key-store

  • Issue a certificate signing request (CSR)

    keytool -certreq -alias "my client key" -file mycertreq.csr -keystore my.keystore

  • Send the certificate request to the trusted Certificate Authority for signature. One may choose to act as her own CA and sign the certificate request using a PKI tool, such as OpenSSL.

  • Import the trusted CA root certificate

    keytool -import -alias "my trusted ca" -file caroot.crt -keystore my.keystore

  • Import the PKCS#7 file containing the complete certificate chain

    keytool -import -alias "my client key" -file mycert.p7 -keystore my.keystore

  • Verify the content of the resultant keystore file

    keytool -list -v -keystore my.keystore

  @since 4.3

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

    }

    protected HttpClientConnectionManager buildConnectionManager() {
        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("http", PlainConnectionSocketFactory.INSTANCE)
                .register("https", new SSLConnectionSocketFactory(fetcher.sslContext(), new AllowAllHostnameVerifier()))
                .build();

        DnsResolver dnsResolver = new ServerCacheResolver(fetcher.getServerCache());

        ManagedHttpClientConnectionFactory connFactory = new ManagedHttpClientConnectionFactory(){

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

    // Initialize standard solr-j.
    // First, we need an HttpClient where basic auth is properly set up.
    connectionManager = new PoolingHttpClientConnectionManager();
    connectionManager.setMaxTotal(1);

    SSLConnectionSocketFactory myFactory;
    if (keystoreManager != null)
    {
      myFactory = new SSLConnectionSocketFactory(keystoreManager.getSecureSocketFactory(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
    else
    {
      // Use the "trust everything" one
      myFactory = new SSLConnectionSocketFactory(KeystoreManagerFactory.getTrustingSecureSocketFactory(),SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }

    RequestConfig.Builder requestBuilder = RequestConfig.custom()
      .setCircularRedirectsAllowed(true)
      .setSocketTimeout(socketTimeout)

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

      connectionManager = new PoolingHttpClientConnectionManager();

      CredentialsProvider credentialsProvider = new BasicCredentialsProvider();

      SSLConnectionSocketFactory myFactory = null;
      if (keystoreData != null)
      {
        keystoreManager = KeystoreManagerFactory.make("",keystoreData);
        myFactory = new SSLConnectionSocketFactory(keystoreManager.getSecureSocketFactory(), new BrowserCompatHostnameVerifier());
      }

      if (strippedUserName != null)
      {
        credentialsProvider.setCredentials(

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

      connectionManager = new PoolingHttpClientConnectionManager();

      CredentialsProvider credentialsProvider = new BasicCredentialsProvider();

      // Set up ingest ssl if indicated
      SSLConnectionSocketFactory myFactory = null;
      if (ingestKeystoreManager != null)
      {
        myFactory = new SSLConnectionSocketFactory(new InterruptibleSocketFactory(ingestKeystoreManager.getSecureSocketFactory(), connectionTimeout),
          new BrowserCompatHostnameVerifier());
      }

      // Set up authentication to use
      if (ingestNtlmDomain != null)

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

                public boolean verify(String s, SSLSession sslSession) {
                    return true;
                }
            };

            return new SSLConnectionSocketFactory(sc, hostnameVerifier);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();

                SSLContext sslContext = SSLContext.getInstance("SSL");
                sslContext.init(keyManagers, trustManagers, null);

                SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);

                Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory> create()
                        .register("https", sslsf).build();

                manager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

                HostnameVerifier hostnameVerifierCopy = this.hostnameVerifier;
                if (hostnameVerifierCopy == null) {
                    hostnameVerifierCopy = SSLConnectionSocketFactory.getDefaultHostnameVerifier();
                }
                if (sslcontext != null) {
                    sslSocketFactoryCopy = new SSLConnectionSocketFactory(
                            sslcontext, supportedProtocols, supportedCipherSuites, hostnameVerifierCopy);
                } else {
                    if (systemProperties) {
                        sslSocketFactoryCopy = new SSLConnectionSocketFactory(
                                (SSLSocketFactory) SSLSocketFactory.getDefault(),
                                supportedProtocols, supportedCipherSuites, hostnameVerifierCopy);
                    } else {
                        sslSocketFactoryCopy = new SSLConnectionSocketFactory(
                                SSLContexts.createDefault(),
                                hostnameVerifierCopy);
                    }
                }
            }

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

  protected RestTemplate restTemplate;

  @Before
  public void setUpRestTemplate() throws Exception {
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
        new SSLContextBuilder().loadTrustMaterial(null,
            new TrustSelfSignedStrategy()).build());

    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory)
        .build();

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

    BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("admin", "whosThere"));
    HttpComponentsClientHttpRequestFactory requestFactory =
        new HttpComponentsClientHttpRequestFactory(HttpClientBuilder.create()
            .setDefaultCredentialsProvider(credentialsProvider)
            .setSSLSocketFactory(new SSLConnectionSocketFactory(
                new SSLContextBuilder().loadTrustMaterial(null,
                    new TrustSelfSignedStrategy())
                    .build()))
            .build());
    SpringXDTemplate template = new SpringXDTemplate(requestFactory, new URI("https://localhost:" + adminPort));

Examples of org.apache.http.conn.ssl.SSLConnectionSocketFactory

    public MocoTestHelper() {
        // make fluent HC accept any certificates so we can test HTTPS calls as well
        Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("http", PlainConnectionSocketFactory.getSocketFactory())
                .register("https", new SSLConnectionSocketFactory(createClientContext()))
                .build();
        HttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
        EXECUTOR = Executor.newInstance(HttpClients.custom().setConnectionManager(cm).build());
    }