MariaDBCertificateExtractor.java

package org.properssl.sslcertx.mariadb;

import java.security.cert.X509Certificate;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;

import org.properssl.sslcertx.CertificateExtractingTrustManager;

public class MariaDBCertificateExtractor {
	public static X509Certificate[] extractCertificate(String host, int port) {
		try {
			// this can be anything as the connection never gets established
			String database = "foobar";
			String url = "jdbc:mysql://" + host + ":" + port + "/" + database;

			Properties info = new Properties();
			// user/pass is irrelevant as it never gets past the cert validation
			info.setProperty("user", "properssl");
			info.setProperty("password", "foobar");
			info.setProperty("useSSL", "true");
			info.setProperty("sslSocketFactory",
					"org.properssl.sslcertx.CertificateExtractingSocketFactory");
			Class.forName("org.properssl.sslcertx.mariadb.jdbc.Driver");
			Connection conn = null;
			Throwable connectException = null;
			try {
				conn = DriverManager.getConnection(url, info);
			} catch (SQLException e) {
				connectException = e;
			} finally {
				if (conn != null) {
					try {
						conn.close();
					} catch (Exception e) {
					}
				}
			}
			X509Certificate chain[] = CertificateExtractingTrustManager.chain;
			if (chain != null && chain.length > 0) {
				return chain;
			}
			throw new RuntimeException("Could not extract certificate",
					connectException);
		} catch (RuntimeException e) {
			throw e;
		} catch (Exception e) {
			e.printStackTrace();
			throw new RuntimeException(e);
		}
	}
}