Created
August 29, 2019 01:40
-
-
Save rdhabalia/296d654c2b96ff03e009ecfb504e78a1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package org.apache.pulsar.client.api; | |
import java.net.Socket; | |
import java.security.KeyStore; | |
import java.security.KeyStoreException; | |
import java.security.NoSuchAlgorithmException; | |
import java.security.NoSuchProviderException; | |
import java.security.cert.CertificateException; | |
import java.security.cert.X509Certificate; | |
import javax.net.ssl.SSLEngine; | |
import javax.net.ssl.TrustManager; | |
import javax.net.ssl.TrustManagerFactory; | |
import javax.net.ssl.X509ExtendedTrustManager; | |
import javax.net.ssl.X509TrustManager; | |
public class MyX509ExtendedTrustManager extends X509ExtendedTrustManager { | |
private X509ExtendedTrustManager trustManager; | |
public MyX509ExtendedTrustManager() throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException { | |
KeyStore ks = null; // My-keystore | |
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); | |
tmf.init(ks); | |
TrustManager tms[] = tmf.getTrustManagers(); | |
/* | |
* Iterate over the returned trustmanagers, look for an instance of X509TrustManager. If found, use that as our | |
* "default" trust manager. | |
*/ | |
for (int i = 0; i < tms.length; i++) { | |
if (tms[i] instanceof X509TrustManager) { | |
trustManager = (X509ExtendedTrustManager) tms[i]; | |
break; | |
} | |
} | |
if (trustManager == null) { | |
throw new IllegalArgumentException("Failed to find default X509TrustManager"); | |
} | |
} | |
@Override | |
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { | |
trustManager.checkClientTrusted(chain, authType); | |
} | |
@Override | |
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { | |
trustManager.checkServerTrusted(chain, authType); | |
} | |
@Override | |
public X509Certificate[] getAcceptedIssuers() { | |
return trustManager.getAcceptedIssuers(); | |
} | |
@Override | |
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket arg2) throws CertificateException { | |
trustManager.checkClientTrusted(chain, authType); | |
} | |
@Override | |
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException { | |
trustManager.checkClientTrusted(chain, authType, engine); | |
} | |
@Override | |
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException { | |
trustManager.checkServerTrusted(chain, authType, socket); | |
} | |
@Override | |
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException { | |
trustManager.checkServerTrusted(chain, authType, engine); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment