From 77e633051aa67f78568807219b9d5a5a4e6526e7 Mon Sep 17 00:00:00 2001
From: Gerard Molina <47140788+gmolki@users.noreply.github.com>
Date: Thu, 7 Dec 2023 19:13:53 +0100
Subject: [PATCH 1/3] feat: handle-x509-certs
---
 .../com/dius/pact/core/support/HttpClient.kt | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt b/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
index 6367e5937..337b68417 100644
--- a/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
+++ b/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
@@ -23,6 +23,7 @@ import org.apache.hc.core5.http.config.RegistryBuilder
 import org.apache.hc.core5.http.message.BasicHeader
 import org.apache.hc.core5.ssl.SSLContexts
 import org.apache.hc.core5.util.TimeValue
+import java.io.File
 import java.net.URI
 /**
@@ -144,6 +145,8 @@ object HttpClient : KLogging() {
 setupInsecureTLS(builder)
 }
+ setupX509Certificate(builder)
+
 return builder.build() to credsProvider
 }
@@ -182,4 +185,27 @@ object HttpClient : KLogging() {
 )
 )
 }
+
+ private fun setupX509Certificate(builder: HttpClientBuilder) {
+ val keystorePath = "tmp/machine-id/keystore.jks"
+ val truststorePath = "tmp/machine-id/truststore.jks"
+ val keystorePassword = "123456"
+ val truststorePassword = "123456"
+
+ val sslContext = SSLContexts.custom()
+ .loadKeyMaterial(File(keystorePath), keystorePassword.toCharArray(), keystorePassword.toCharArray())
+ .loadTrustMaterial(File(truststorePath), truststorePassword.toCharArray())
+ .build()
+
+ val sslSocketFactory = SSLConnectionSocketFactoryBuilder.create().setSslContext(sslContext).build()
+
+ builder.setConnectionManager(
+ BasicHttpClientConnectionManager(
+ RegistryBuilder.create()
+ .register("http", PlainConnectionSocketFactory.getSocketFactory())
+ .register("https", sslSocketFactory)
+ .build()
+ )
+ )
+ }
 }
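Review bot: The new call `setupX509Certificate(builder)` in the second hunk runs for every client that is built, so a missing or unreadable keystore at the hard-coded path makes client construction fail even for users who never asked for a client certificate, because `loadKeyMaterial(File(...))` throws when the file cannot be read. It also follows the `setupInsecureTLS(builder)` branch; if that function installs its own connection manager, as the trailing context of the third hunk suggests, the later `builder.setConnectionManager(...)` replaces it and the insecure-TLS option silently stops having any effect. Make the step opt-in, called only when a keystore location has been configured, and build a single SSL context that carries both settings. The enclosing function starts outside the hunk.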
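Review bot: In the third hunk `setupX509Certificate` takes its trust anchors and client key from the literal relative paths `tmp/machine-id/truststore.jks` and `tmp/machine-id/keystore.jks`, which resolve against whatever directory the process was started in, and unlocks them with the literal password `"123456"`. Whoever can write to that directory therefore decides which servers the client trusts and which identity it presents, and the password is now part of the repository history even though later patches in this series change it. Take the store locations and passwords from the caller's configuration instead of constants. The function also needs a KDoc comment stating which files it expects and that it replaces the builder's connection manager.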
From 00b48c63a293c56fb21482b29b6788d997bdf7a3 Mon Sep 17 00:00:00 2001
From: Gerard Molina <47140788+gmolki@users.noreply.github.com>
Date: Fri, 15 Dec 2023 11:36:07 +0100
Subject: [PATCH 2/3] remove trustore
---
 .../main/kotlin/au/com/dius/pact/core/support/HttpClient.kt | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt b/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
index 337b68417..b391f4db5 100644
--- a/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
+++ b/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
@@ -187,14 +187,11 @@ object HttpClient : KLogging() {
 }
 private fun setupX509Certificate(builder: HttpClientBuilder) {
- val keystorePath = "tmp/machine-id/keystore.jks"
- val truststorePath = "tmp/machine-id/truststore.jks"
+ val keystorePath = "tmp/machine-id/keystore.p12"
 val keystorePassword = "123456"
- val truststorePassword = "123456"
 val sslContext = SSLContexts.custom()
 .loadKeyMaterial(File(keystorePath), keystorePassword.toCharArray(), keystorePassword.toCharArray())
- .loadTrustMaterial(File(truststorePath), truststorePassword.toCharArray())
 .build()
 val sslSocketFactory = SSLConnectionSocketFactoryBuilder.create().setSslContext(sslContext).build()
From 71a9bf29d62847151303513c28c00f0af72acc16 Mon Sep 17 00:00:00 2001
From: Gerard Molina <47140788+gmolki@users.noreply.github.com>
Date: Fri, 15 Dec 2023 13:30:19 +0100
Subject: [PATCH 3/3] refactor: don't use keystore password
---
 .../main/kotlin/au/com/dius/pact/core/support/HttpClient.kt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt b/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
index b391f4db5..6a528673b 100644
--- a/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
+++ b/core/support/src/main/kotlin/au/com/dius/pact/core/support/HttpClient.kt
@@ -188,10 +188,10 @@ object HttpClient : KLogging() {
 private fun setupX509Certificate(builder: HttpClientBuilder) {
 val keystorePath = "tmp/machine-id/keystore.p12"
- val keystorePassword = "123456"
+ val keystorePassword = "".toCharArray()
 val sslContext = SSLContexts.custom()
- .loadKeyMaterial(File(keystorePath), keystorePassword.toCharArray(), keystorePassword.toCharArray())
+ .loadKeyMaterial(File(keystorePath), keystorePassword, keystorePassword)
 .build()
 val sslSocketFactory = SSLConnectionSocketFactoryBuilder.create().setSslContext(sslContext).build()
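Review bot: With `val keystorePassword = "".toCharArray()` passed as both the store and the key password, the PKCS#12 file holding the client's private key is effectively unprotected at rest, so its confidentiality rests entirely on the permissions of `tmp/machine-id/`. If a passwordless keystore is intended (for instance because an external agent writes it that way, which is worth confirming), record that next to the constant with a comment such as `// keystore is written without a password; access is controlled by file permissions on its directory`. Otherwise read the password from configuration rather than a constant. Since the value is now always empty, a name like `val noPassword = CharArray(0)` would describe it more accurately. The function's body continues past the end of the hunk.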