Skip to content

Instantly share code, notes, and snippets.

@rdhabalia
Created August 29, 2019 01:40
Show Gist options
  • Save rdhabalia/296d654c2b96ff03e009ecfb504e78a1 to your computer and use it in GitHub Desktop.
Save rdhabalia/296d654c2b96ff03e009ecfb504e78a1 to your computer and use it in GitHub Desktop.
package org.apache.pulsar.client.api;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
public class MyX509ExtendedTrustManager extends X509ExtendedTrustManager {
private X509ExtendedTrustManager trustManager;
public MyX509ExtendedTrustManager() throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException {
KeyStore ks = null; // My-keystore
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
tmf.init(ks);
TrustManager tms[] = tmf.getTrustManagers();
/*
* Iterate over the returned trustmanagers, look for an instance of X509TrustManager. If found, use that as our
* "default" trust manager.
*/
for (int i = 0; i < tms.length; i++) {
if (tms[i] instanceof X509TrustManager) {
trustManager = (X509ExtendedTrustManager) tms[i];
break;
}
}
if (trustManager == null) {
throw new IllegalArgumentException("Failed to find default X509TrustManager");
}
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
trustManager.checkClientTrusted(chain, authType);
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
trustManager.checkServerTrusted(chain, authType);
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return trustManager.getAcceptedIssuers();
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket arg2) throws CertificateException {
trustManager.checkClientTrusted(chain, authType);
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException {
trustManager.checkClientTrusted(chain, authType, engine);
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException {
trustManager.checkServerTrusted(chain, authType, socket);
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException {
trustManager.checkServerTrusted(chain, authType, engine);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment