- private SslContext createSslContextRejectingUntrustedPeers(String trustStorePath, String trustStorePass,
- KeyManagerFactory keyManager)
- throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
-
- final KeyStore trustStore = getTrustStore(trustStorePath, trustStorePass);
- List<Certificate> certificateList = Collections.list(trustStore.aliases()).stream() //
- .filter(alias -> isCertificateEntry(trustStore, alias)) //
- .map(alias -> getCertificate(trustStore, alias)) //
- .collect(Collectors.toList());
- final X509Certificate[] certificates = certificateList.toArray(new X509Certificate[certificateList.size()]);
-
- return SslContextBuilder.forClient() //
- .keyManager(keyManager) //
- .trustManager(certificates) //
- .build();
- }
-
- private SslContext createSslContext(KeyManagerFactory keyManager)
- throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
- if (this.clientConfig.isTrustStoreUsed()) {
- return createSslContextRejectingUntrustedPeers(this.clientConfig.trustStore(),
- this.clientConfig.trustStorePassword(), keyManager);
- } else {
- // Trust anyone
- return SslContextBuilder.forClient() //
- .keyManager(keyManager) //
- .trustManager(InsecureTrustManagerFactory.INSTANCE) //
- .build();
- }
- }
-
- private TcpClient createTcpClientSecure(SslContext sslContext) {
- return TcpClient.create(ConnectionProvider.newConnection()) //