d100adc9c5
* [BAEL-4448] Added examples for setting TLS version in HttpClient (cherry picked from commit f4d40fc3f3140fd046ed957030e9a54582bd4a67) * [BAEL-4448] Simplified the code for one example * [BAEL-4448] Formatting fixes and moved to new package * [BAEL-4448] Forgot an import and fixed class name typo * [BAEL-4448] Created second module for httpclient and moved article code Co-authored-by: joe <joe.boudreau@pm.me>
64 lines
2.5 KiB
Java
64 lines
2.5 KiB
Java
package com.baeldung.tlsversion;
|
|
|
|
import javax.net.ssl.SSLSocket;
|
|
|
|
import org.apache.http.HttpEntity;
|
|
import org.apache.http.client.methods.CloseableHttpResponse;
|
|
import org.apache.http.client.methods.HttpGet;
|
|
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
|
|
import org.apache.http.impl.client.CloseableHttpClient;
|
|
import org.apache.http.impl.client.HttpClients;
|
|
import org.apache.http.ssl.SSLContexts;
|
|
import org.apache.http.util.EntityUtils;
|
|
|
|
import java.io.IOException;
|
|
|
|
public class ClientTlsVersionExamples {
|
|
|
|
public static CloseableHttpClient setViaSocketFactory() {
|
|
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
|
|
SSLContexts.createDefault(),
|
|
new String[] { "TLSv1.2", "TLSv1.3" },
|
|
null,
|
|
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
|
|
|
|
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
|
|
}
|
|
|
|
public static CloseableHttpClient setTlsVersionPerConnection() {
|
|
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(SSLContexts.createDefault()) {
|
|
|
|
@Override
|
|
protected void prepareSocket(SSLSocket socket) {
|
|
String hostname = socket.getInetAddress().getHostName();
|
|
if (hostname.endsWith("internal.system.com")) {
|
|
socket.setEnabledProtocols(new String[] { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" });
|
|
} else {
|
|
socket.setEnabledProtocols(new String[] { "TLSv1.3" });
|
|
}
|
|
}
|
|
};
|
|
|
|
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
|
|
}
|
|
|
|
// To configure the TLS versions for the client, set the https.protocols system property during runtime.
|
|
// For example: java -Dhttps.protocols=TLSv1.1,TLSv1.2,TLSv1.3 -jar webClient.jar
|
|
public static CloseableHttpClient setViaSystemProperties() {
|
|
return HttpClients.createSystem();
|
|
// Alternatively:
|
|
// return HttpClients.custom().useSystemProperties().build();
|
|
}
|
|
|
|
public static void main(String[] args) throws IOException {
|
|
// Alternatively:
|
|
// CloseableHttpClient httpClient = setTlsVersionPerConnection();
|
|
// CloseableHttpClient httpClient = setViaSystemProperties();
|
|
try (CloseableHttpClient httpClient = setViaSocketFactory();
|
|
CloseableHttpResponse response = httpClient.execute(new HttpGet("https://httpbin.org/"))) {
|
|
|
|
HttpEntity entity = response.getEntity();
|
|
EntityUtils.consume(entity);
|
|
}
|
|
}
|
|
} |