@denis-kalinin
Last active March 6, 2019 13:51
Using Apache MINA to create an SSL/TLS connection with a client certificate
import org.apache.mina.filter.ssl.SslFilter;
import org.apache.mina.transport.socket.nio.NioSocketConnector;
public class TunnelClient{
.......
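// Connector with a single I/O processor that dials the tunnel server.
NioSocketConnector nioConnector = new NioSocketConnector(1);
nioConnector.setDefaultRemoteAddress(tunnelServerAddress);
nioConnector.setHandler(handler);
// getSSLContext() returns null when the key material or the TLS context cannot be set up,
// and that null is passed straight into SslFilter here.
// NOTE(review): check for null before building the filter so a failed setup is reported
// clearly instead of surfacing later inside MINA.
// The context is built with getEmptyTrustingManager(), so the handshake below presents the
// client certificate but does not authenticate the server (see that method).
SslFilter sslFilter = new SslFilter(getSSLContext());
sslFilter.setUseClientMode(true);
// ... (remaining setup elided in the original listing)
// Installed first in the chain, ahead of any other filter added to this connector.
nioConnector.getFilterChain().addFirst("sslFilter", sslFilter);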
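/**
 * Builds a client-side {@link SSLContext} that presents a certificate from a PKCS#12 bundle.
 *
 * <p>Security note: the context is initialised with {@link #getEmptyTrustingManager()}, so the
 * server's certificate chain is never validated. The connection is encrypted, but the peer is
 * not authenticated, and the client certificate is presented to whichever endpoint answers.
 * To authenticate the server, pass trust managers from a {@code TrustManagerFactory} loaded
 * with the expected CA or server certificate, or pass {@code null} as the second argument of
 * {@code SSLContext.init} to use the JRE's default trust store.
 *
 * @return generated SSLContext or <code>null</code> if failed.
 */
public SSLContext getSSLContext(){
    SSLContext sslContext;
    try {
        // "TLS" selects the provider's default; the protocol versions actually enabled
        // depend on the JRE configuration.
        sslContext = SSLContext.getInstance("TLS");
    } catch (NoSuchAlgorithmException ex) {
        LOG.error("TLS protocol is not defined in the system");
        // Same pattern as the init failure below: keep the cause available at debug level.
        LOG.debug("Reason:", ex);
        return null;
    }
    KeyManager[] keyManagers;
    try{
        KeyStore p12 = KeyStore.getInstance("PKCS12");
        ByteArrayInputStream bis = new ByteArrayInputStream(/*binary source - file or object*/);
        //FIXME supply the PKCS#12 bytes above and a real password below.
        // With a null password KeyStore.load performs no integrity check on the bundle, and
        // the empty key password passed to kmf.init implies the private key is stored
        // without meaningful protection.
        p12.load(bis, null);
        // NOTE(review): "SunX509" is provider-specific;
        // KeyManagerFactory.getDefaultAlgorithm() is the portable choice.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(p12, "".toCharArray());
        keyManagers = kmf.getKeyManagers();
    }catch(Exception e){
        // Deliberately broad: any failure while loading the key material means "no context".
        if(LOG.isTraceEnabled()){
            LOG.warn("Failed to get keymanager for creating SSL connection", e);
        }else{
            LOG.debug("Failed to get keymanager for creating SSL connection: {}", e.getMessage());
        }
        return null;
    }
    try {
        // The original passed the method name without calling it, which does not compile.
        // These trust managers accept every certificate chain (see the security note above).
        sslContext.init(keyManagers, getEmptyTrustingManager(), null);
        return sslContext;
    } catch (KeyManagementException e) {
        LOG.error("Failed to initialized TLS context");
        LOG.debug("Reason:", e);
        return null;
    }
}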
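/**
 * Returns trust managers that accept every certificate chain.
 *
 * <p>Both check methods are empty, so no chain building, expiry, hostname or issuer
 * validation takes place. A TLS session set up with these managers is encrypted but the
 * peer is not authenticated, so any endpoint that can answer the connection is accepted as
 * the server. For anything beyond a closed test setup, use trust managers from a
 * {@code TrustManagerFactory} initialised with a {@code KeyStore} that holds the expected
 * CA or server certificate.
 *
 * @return trustManager trusting everyone&mdash;doesn't perform any SSL-certificate checking.
 */
public static TrustManager[] getEmptyTrustingManager() {
    return new TrustManager[] { new X509TrustManager() {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null (possibly empty) array;
            // the original returned null, which callers of this method may dereference.
            return new X509Certificate[0];
        }
        @Override
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
            // Intentionally empty: never rejects a client chain.
        }
        @Override
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
            // Intentionally empty: never rejects a server chain. This is what disables
            // server authentication.
        }
    } };
}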
}