FilesExpand file tree

 master

/

HttpsTest.java

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

170 lines (154 loc) · 5.12 KB

 master

/

HttpsTest.java

Copy path

Top

File metadata and controls

• Code
• Blame

170 lines (154 loc) · 5.12 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

import org.junit.Assert;

import org.junit.Test;

import javax.net.ssl.*;

import java.io.*;

import java.net.MalformedURLException;

import java.net.URL;

import java.security.KeyManagementException;

import java.security.KeyStore;

import java.security.NoSuchAlgorithmException;

import java.security.cert.X509Certificate;

public class HttpsTest {

private SSLSocketFactory factory;

/**

* Make a HTTPS GET request to a site with a self-signed certificate or a certificate signed by a

* self-signed ROOT certificate. Since a keystore with the Root is used, the request can be made.

*

* @throws Exception

*/

@Test

public void testSelfSignedCertWithKeyStore() throws Exception {

KeyStore keyStore = KeyStore.getInstance("JKS");

InputStream in = new FileInputStream("cacerts.jks");

keyStore.load(in, "changeit".toCharArray());

TrustManagerFactory tmf =

TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

tmf.init(keyStore);

SSLContext ctx = SSLContext.getInstance("TLS");

ctx.init(null, tmf.getTrustManagers(), null);

SSLSocketFactory sslFactory = ctx.getSocketFactory();

httpsGet("https://gce.ileci.com", sslFactory);

}

/**

* Make a HTTPS GET request to a site with a self-signed certificate or a certificate signed by a

* self-signed Root certificate. An <code>

* SSLHandshakeException</code> should be thrown.

*

* @throws Exception

*/

@Test

public void testSelfSignedCert() throws Exception {

try {

httpsGet("https://gce.ileci.com");

Assert.fail("SSLHandshakeException should be thrown for self signed certificate");

} catch (SSLHandshakeException ex) {

if (!(ex instanceof SSLHandshakeException)) {

throw ex;

}

}

}

/**

* Makes a HTTP GET request to a site with a valid HTTPS certificate. The request can be make.

*

* @throws Exception

*/

@Test

public void testValidCert() throws Exception {

httpsGet("https://www.baidu.com");

}

/**

* Makes a HTTP GET request to a site with an expired certificate. An <code>SSLHandshakeException

* </code> should be thrown.

*

* @throws Exception

*/

@Test

public void testExpiredCert() throws Exception {

try {

httpsGet("https://expired.badssl.com");

Assert.fail("SSLHandshakeException should be thrown for expired certificate");

} catch (Exception ex) {

if (!(ex instanceof SSLHandshakeException)) {

throw ex;

}

}

}

/**

* Makes a HTTP GET request to a site with an expired certificate. Since the custom

* SSLSocketFactory is used, the request can also be made.

*

* @throws Exception

*/

@Test

public void testExpiredCertWithSslFactory() throws Exception {

setSslFactory();

httpsGet("https://expired.badssl.com");

restoreSslFactory();

}

/**

* Sets a custom SSLSocketFactory which skips the certificate verification.

*

* @throws NoSuchAlgorithmException

* @throws KeyManagementException

*/

private void setSslFactory() throws NoSuchAlgorithmException, KeyManagementException {

factory = HttpsURLConnection.getDefaultSSLSocketFactory();

TrustManager[] trustAllCerts =

new TrustManager[] {

new X509TrustManager() {

public java.security.cert.X509Certificate[] getAcceptedIssuers() {

return null;

}

@Override

public void checkClientTrusted(X509Certificate[] certs, String authType) {}

@Override

public void checkServerTrusted(X509Certificate[] certs, String authType) {}

}

};

SSLContext sc = SSLContext.getInstance("SSL");

sc.init(null, trustAllCerts, new java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

}

/** Restore the default SSLSocketFactory. */

private void restoreSslFactory() {

HttpsURLConnection.setDefaultSSLSocketFactory(factory);

}

/**

* Makes a HTTPS get GET request with the default SSLSocketFactory.

*

* @param urlStr

* @throws MalformedURLException

* @throws IOException

*/

private void httpsGet(String urlStr) throws MalformedURLException, IOException {

httpsGet(urlStr, null);

}

/**

* Makes a HTTPS GET request and prints its response.

*

* @param urlStr URL

* @param sslSocketFactory If null, use the default.

* @throws MalformedURLException

* @throws IOException

*/

private void httpsGet(String urlStr, SSLSocketFactory sslSocketFactory)

throws MalformedURLException, IOException {

URL url = new URL(urlStr);

HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

if (sslSocketFactory != null) {

conn.setSSLSocketFactory(sslSocketFactory);

}

BufferedReader br = bufferedReader(conn);

String inputLine;

while ((inputLine = br.readLine()) != null) {

System.out.println(inputLine);

}

br.close();

}

private static BufferedReader bufferedReader(HttpsURLConnection conn) throws IOException {

InputStream in = conn.getInputStream();

InputStreamReader r = new InputStreamReader(in);

BufferedReader br = new BufferedReader(r);

return br;

}

}