/ Java Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

How to Setup Custom SSLSocketFactory's TrustManager per Each URL Connection

DZone's Guide to

How to Setup Custom SSLSocketFactory's TrustManager per Each URL Connection

by
Zemian Deng
·
Oct. 31, 14 · Java Zone
Free Resource

Comment (2)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Are you joining the containers revolution? Start leveraging container management using Platform9's ultimate guide to Kubernetes deployment.

We can see from javadoc that javax.net.ssl.HttpsURLConnection provided a static method to override withsetDefaultSSLSocketFory() method. This allow you to supply a custom javax.net.ssl.TrustManagerthat may verify your own  CA certs handshake and validation etc. But this will override the default for all "https" URLs per your JVM!

So how can we override just a single https URL? Looking at javax.net.ssl.HttpsURLConnection again we see instance method for setSSLSocketFactory(), but we can't instantiate HttpsURLConnection object directly! It took me some digging to realized that the java.net.URL is actually an factory class for its implementation! One can get an instance like this using new URL("https://localhost").openConnection()
To complete this article, I will provide a simple working example that demonstrate this.

package zemian;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class WGetText {
    public static void main(String[] args) throws Exception {
        String urlString = System.getProperty("url", "https://google.com");
        URL url = new URL(urlString);
        URLConnection urlConnection = url.openConnection();
        HttpsURLConnection httpsUrlConnection = (HttpsURLConnection) urlConnection;
        SSLSocketFactory sslSocketFactory = createSslSocketFactory();
       httpsUrlConnection.setSSLSocketFactory(sslSocketFactory);
        try (InputStream inputStream = httpsUrlConnection.getInputStream()) {
            BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
            String line = null;
            while ((line = reader.readLine()) != null) {
                System.out.println(line);
            }
        }
    }
    private static SSLSocketFactory createSslSocketFactory() throws Exception {
        TrustManager[] byPassTrustManagers = new TrustManager[] { new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
            public void checkClientTrusted(X509Certificate[] chain, String authType) {
            }
            public void checkServerTrusted(X509Certificate[] chain, String authType) {
            }
        } };
        SSLContext sslContext = SSLContext.getInstance("TLS");
       sslContext.init(null, byPassTrustManagers, new SecureRandom());
        return sslContext.getSocketFactory();
    }
}

Moving towards a private or Hybrid cloud infrastructure model? Get started with our OpenStack Deployment Models guide to learn the proper deployment model for your organization.

Like This Article? Read More From DZone

Using AI to Predict Cardiac Risk in Liver Transplant Patients
New RegEx Features in Java 9
Announcing log4j-aws-appenders

Free DZone Refcard

Getting Started With Vaadin Framework 8
DOWNLOAD
Topics:

Comment (2)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of Zemian Deng, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Java Partner Resources

CA App Experience Analytics, a whole new level of visibility. Learn more.
How To Resolve Network Partitions In Seconds With Lightbend Enterprise Suite
Reactive Microsystems - The Evolution of Microservices at Scale
Develop and Deploy Microservices with JHipster
Jenkins, Docker and DevOps: The Innovation Catalysts
Play Framework: The JVM Architect's Path to Super-Fast Web Apps
Easily Build Continuous Delivery Pipelines with Jenkins and Pipeline Plugin
Modern Java EE Design Patterns: Building Scalable Architecture for Sustainable Enterprise Development
An Introduction to Progressive Web Applications with Spring Boot and Angular
Building Reactive Microservices in Java: Asynchronous and Event-Based Application Design
Advanced Linux Commands [Cheat Sheet]
Combine the Innovations of NoSQL with the Critical Capabilities of Relational Databases

Java Partner Resources

CA App Experience Analytics, a whole new level of visibility. Learn more.
How To Resolve Network Partitions In Seconds With Lightbend Enterprise Suite
Reactive Microsystems - The Evolution of Microservices at Scale
Develop and Deploy Microservices with JHipster
THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone