
@phatduckk
Created July 30, 2013 19:30
package com.jeraff.sell.net.apiclient.sentry;
import javax.net.ssl.*;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
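/**
 * Installs a process-wide default {@link SSLSocketFactory} for {@link HttpsURLConnection}
 * that validates server certificates with the platform's default trust manager.
 *
 * <p>Certificates are never accepted on the strength of a name they contain. A subject
 * alternative name is data chosen by whoever created the certificate, so a match on
 * "getsentry.com" proves nothing about who holds the private key; only a chain that
 * validates to a trusted anchor does. Accepting on a name match would let any party able
 * to present a certificate carrying that name be trusted, and because the socket factory
 * is installed as the JVM default, that would apply to every {@link HttpsURLConnection}
 * in the process, not only to Sentry traffic.
 *
 * <p>If the Sentry endpoint is signed by a CA the JRE does not ship, add that CA to the
 * trust store the JVM is started with (for example via the {@code javax.net.ssl.trustStore}
 * system property). {@code TrustManagerFactory.init((KeyStore) null)} picks that store up,
 * so no validation has to be skipped.
 *
 * <p>Hostname verification is left at the {@link HttpsURLConnection} default; this class
 * does not install a {@link HostnameVerifier}.
 */
public class TrustSentry {

    /** Generic TLS context name; the provider negotiates the protocol versions it enables. */
    private static final String TLS_PROTOCOL = "TLS";

    /**
     * Builds a TLS context backed by the platform trust manager and installs its socket
     * factory as the default for {@link HttpsURLConnection}.
     *
     * <p>Side effect: the change is global to the JVM.
     *
     * @throws SentryTrustException if the platform offers no X.509 trust manager or the
     *         TLS context cannot be created or initialised
     */
    public TrustSentry() throws SentryTrustException {
        try {
            X509TrustManager platformTrustManager = findDefaultX509TrustManager();
            SSLContext tlsContext = SSLContext.getInstance(TLS_PROTOCOL);
            // Hand JSSE the platform manager itself rather than a wrapper, so full chain,
            // validity and algorithm checks stay in force.
            tlsContext.init(
                    null,
                    new TrustManager[]{platformTrustManager},
                    new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(tlsContext.getSocketFactory());
        } catch (java.security.GeneralSecurityException e) {
            throw new SentryTrustException(e);
        }
    }

    /**
     * Returns the first X.509 trust manager of the default algorithm, initialised from the
     * JVM's default trust store.
     *
     * <p>Fails at construction time instead of deferring the error to the first handshake.
     */
    private static X509TrustManager findDefaultX509TrustManager()
            throws java.security.GeneralSecurityException, SentryTrustException {
        TrustManagerFactory factory =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        // A null KeyStore selects the JVM's default trust store.
        factory.init((KeyStore) null);
        for (TrustManager candidate : factory.getTrustManagers()) {
            if (candidate instanceof X509TrustManager) {
                return (X509TrustManager) candidate;
            }
        }
        throw new SentryTrustException("No available default trust managers...");
    }

    /** Signals that the trust configuration could not be installed. */
    public static class SentryTrustException extends Exception {

        /** Creates an exception with no message and no cause. */
        public SentryTrustException() {
        }

        /**
         * @param message description of the failure
         */
        public SentryTrustException(String message) {
            super(message);
        }

        /**
         * @param message description of the failure
         * @param cause underlying failure
         */
        public SentryTrustException(String message, Throwable cause) {
            super(message, cause);
        }

        /**
         * @param cause underlying failure
         */
        public SentryTrustException(Throwable cause) {
            super(cause);
        }

        /**
         * @param message description of the failure
         * @param cause underlying failure
         * @param enableSuppression whether suppression is enabled
         * @param writableStackTrace whether the stack trace is writable
         */
        public SentryTrustException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
            super(message, cause, enableSuppression, writableStackTrace);
        }
    }
}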