DisableSSLCertificateCheckUtil.java example

Explorer
load-balancer-master
/*
 * TeleStax, Open Source Cloud Communications
 * Copyright 2011-2015, Telestax Inc and individual contributors
 * by the @authors tag.
 *
 * This program is free software: you can redistribute it and/or modify
 * under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation; either version 3 of
 * the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 */
package org.mobicents.tools.http.balancer;

import java.io.IOException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/**
 * @author Konstantin Nosach (kostyantyn.nosach@telestax.com)
 */

public final class DisableSSLCertificateCheckUtil 
{
	/**
	 * Trust manager that does not perform nay checks.
	 */
	private static class NullX509TrustManager implements X509TrustManager 
	{
		public void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException 
		{
		}

		public void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException 
		{
		}
		public X509Certificate[] getAcceptedIssuers() 
		{
			return new X509Certificate[0];
		}
	}

	/**
	 * Host name verifier that does not perform nay checks.
	 */
	private static class NullHostnameVerifier implements HostnameVerifier 
	{
		public boolean verify(String hostname, SSLSession session) 
		{
			return true;
		}
	}

	/**
	 * Disable trust checks for SSL connections.
	 */
	public static void disableChecks() throws NoSuchAlgorithmException,	KeyManagementException 
	{

		try 
		{
			new URL("https://0.0.0.0/").getContent();
		} 
		catch (IOException e) 
		{
			// This invocation will always fail, but it will register the
			// default SSL provider to the URL class.
		}
		SSLContext context = SSLContext.getInstance("SSLv3");
		TrustManager[] trustManagerArray = { new NullX509TrustManager() };
		context.init(null, trustManagerArray, null);

		HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
		HttpsURLConnection.setDefaultHostnameVerifier(new NullHostnameVerifier());
	}
}