*/
package org.openecomp.sdc.common.http.client.api;
+import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
SSLConnectionSocketFactory sslsf = null;
try {
- sslContextBuilder.loadTrustMaterial(new TrustSelfSignedStrategy());
if (clientCertificate != null) {
setClientSsl(clientCertificate, sslContextBuilder);
+ } else {
+ sslContextBuilder.loadTrustMaterial(new TrustSelfSignedStrategy());
}
sslsf = new SSLConnectionSocketFactory(sslContextBuilder.build(), NoopHostnameVerifier.INSTANCE);
} catch (GeneralSecurityException e) {
char[] keyStorePassword = clientCertificate.getKeyStorePassword().toCharArray();
KeyStore clientKeyStore = createClientKeyStore(clientCertificate.getKeyStore(), keyStorePassword);
sslContextBuilder.loadKeyMaterial(clientKeyStore, keyStorePassword);
+ if (StringUtils.isEmpty(clientCertificate.getTrustStore())) {
+ sslContextBuilder.loadTrustMaterial(new TrustSelfSignedStrategy());
+ } else {
+ sslContextBuilder.loadTrustMaterial(new File(clientCertificate.getTrustStore()), clientCertificate.getTrustStorePassword().toCharArray());
+ }
logger.debug("#setClientSsl - Set Client Certificate authentication");
} catch (IOException | GeneralSecurityException e) {
logger.debug("#setClientSsl - Set Client Certificate authentication failed with exception, diasable client SSL authentication ", e);
}
return keyStore;
}
+
private String getKeyStoreType(String keyStore) {
if (!StringUtils.isEmpty(keyStore)) {