LdapsNoVerifySSLSocketFactory.java

package io.gsealy;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;

/**
 * Do not verify cert IP or DNS Extensions.
 *
 * @author <a href="mailto:gsealy@outlook.com">Gsealy</a>
 */
public class LdapsNoVerifySSLSocketFactory extends SSLSocketFactory {

    private final SSLContext sslContext;

    private static SSLSocketFactory socketFactory;

    public LdapsNoVerifySSLSocketFactory() throws NoSuchAlgorithmException, KeyManagementException {
        NoVerificationTrustManager noVerificationTrustManager = new NoVerificationTrustManager();
        sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] {noVerificationTrustManager}, new SecureRandom());
        socketFactory = sslContext.getSocketFactory();
        SSLContext.setDefault(sslContext);
    }

    public static synchronized SocketFactory getDefault() {
        if (socketFactory == null) {
            try {
                socketFactory = new LdapsNoVerifySSLSocketFactory();
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            } catch (KeyManagementException e) {
                e.printStackTrace();
            }
        }
        return socketFactory;
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return socketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return socketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose)
            throws IOException {
        return socketFactory.createSocket(s, host, port, autoClose);
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException {
        SSLSocketFactory socketFactory = sslContext.getSocketFactory();
        return socketFactory.createSocket(host, port);
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort)
            throws IOException, UnknownHostException {
        return socketFactory.createSocket(host, port, localHost, localPort);
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return socketFactory.createSocket(host, port);
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress,
            int localPort) throws IOException {
        return socketFactory.createSocket(address, port, localAddress, localPort);
    }

    static class NoVerificationTrustManager extends X509ExtendedTrustManager {
        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String authType,
                Socket socket) throws CertificateException {}

        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String authType,
                SSLEngine engine) throws CertificateException {}


        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String authType,
                Socket socket) throws CertificateException {}

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String authType,
                SSLEngine engine) throws CertificateException {}

        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
                throws CertificateException {}

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
                throws CertificateException {}

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }
}

Test.java

package io.gsealy;

import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import java.util.Map.Entry;

import javax.naming.Context;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

/**
 * @author Gsealy
 */
public class Test {

    public static void main(String[] args) throws Exception {
        Hashtable<String, String> env = new Hashtable<>();
        // String ldapURL = "ldaps://10.20.61.26:636";
        String ldapURL = "ldaps://10.20.70.72:636";
        String adminName = "CN=Administrator,CN=Users,DC=com,DC=cn";
        String adminPassword = "11111111";
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);
        System.err.println(LdapsNoVerifySSLSocketFactory.class.getName());
        env.put("java.naming.ldap.factory.socket", LdapsNoVerifySSLSocketFactory.class.getName());

        LdapContext ctx = null;
        try {
            env.put(Context.PROVIDER_URL, ldapURL);

            ctx = new InitialLdapContext(env, null);
            System.out.println(ctx.getEnvironment());
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
}