1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27 package org.apache.hc.client5.http.examples;
28
29 import java.security.cert.X509Certificate;
30
31 import javax.net.ssl.SSLContext;
32 import javax.net.ssl.SSLSession;
33
34 import org.apache.hc.client5.http.classic.methods.HttpGet;
35 import org.apache.hc.client5.http.config.TlsConfig;
36 import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
37 import org.apache.hc.client5.http.impl.classic.HttpClients;
38 import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
39 import org.apache.hc.client5.http.io.HttpClientConnectionManager;
40 import org.apache.hc.client5.http.protocol.HttpClientContext;
41 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
42 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
43 import org.apache.hc.core5.http.io.entity.EntityUtils;
44 import org.apache.hc.core5.http.message.StatusLine;
45 import org.apache.hc.core5.http.ssl.TLS;
46 import org.apache.hc.core5.ssl.SSLContexts;
47 import org.apache.hc.core5.util.Timeout;
48
49
50
51
52
53 public class ClientCustomSSL {
54
55 public final static void main(final String[] args) throws Exception {
56
57 final SSLContext sslContext = SSLContexts.custom()
58 .loadTrustMaterial((chain, authType) -> {
59 final X509Certificate cert = chain[0];
60 return "CN=httpbin.org".equalsIgnoreCase(cert.getSubjectDN().getName());
61 })
62 .build();
63 final SSLConnectionSocketFactory sslSocketFactory = SSLConnectionSocketFactoryBuilder.create()
64 .setSslContext(sslContext)
65 .build();
66
67 final HttpClientConnectionManager cm = PoolingHttpClientConnectionManagerBuilder.create()
68 .setSSLSocketFactory(sslSocketFactory)
69 .setDefaultTlsConfig(TlsConfig.custom()
70 .setHandshakeTimeout(Timeout.ofSeconds(30))
71 .setSupportedProtocols(TLS.V_1_3)
72 .build())
73 .build();
74 try (CloseableHttpClient httpclient = HttpClients.custom()
75 .setConnectionManager(cm)
76 .build()) {
77
78 final HttpGet httpget = new HttpGet("https://httpbin.org/");
79
80 System.out.println("Executing request " + httpget.getMethod() + " " + httpget.getUri());
81
82 final HttpClientContext clientContext = HttpClientContext.create();
83 httpclient.execute(httpget, clientContext, response -> {
84 System.out.println("----------------------------------------");
85 System.out.println(httpget + "->" + new StatusLine(response));
86 EntityUtils.consume(response.getEntity());
87 final SSLSession sslSession = clientContext.getSSLSession();
88 if (sslSession != null) {
89 System.out.println("SSL protocol " + sslSession.getProtocol());
90 System.out.println("SSL cipher suite " + sslSession.getCipherSuite());
91 }
92 return null;
93 });
94 }
95 }
96
97 }