[1/2] git commit: refs/heads/vim51_win8 - Trust all certificate in vcenter connect.

[mc...@apache.org]

Trust all certificate in vcenter connect.

Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/525fe14c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/525fe14c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/525fe14c

Branch: refs/heads/vim51_win8
Commit: 525fe14c25877aeb0c49a6ca8aa9d18f62ff97e2
Parents: c20ea04
Author: Min Chen <mi...@citrix.com>
Authored: Wed Feb 20 10:57:52 2013 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Wed Feb 20 10:57:52 2013 -0800

----------------------------------------------------------------------
 .../cloud/hypervisor/vmware/util/VmwareClient.java |   31 +++++++++++++++
 1 files changed, 31 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/525fe14c/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
----------------------------------------------------------------------
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
index ae5f47f..f29a8c0 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
@@ -58,6 +58,36 @@ import com.vmware.vim25.ObjectContent;
  */
 public class VmwareClient {
 
+    private static class TrustAllTrustManager implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager {
+
+        @Override
+        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+            return null;
+        }
+
+        @Override
+        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException {
+            return;
+        }
+
+        @Override
+        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException {
+            return;
+        }
+    }
+
+    private static void trustAllHttpsCertificates() throws Exception {
+        // Create a trust manager that does not validate certificate chains:
+        javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
+        javax.net.ssl.TrustManager tm = new TrustAllTrustManager();
+        trustAllCerts[0] = tm;
+        javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL");
+        javax.net.ssl.SSLSessionContext sslsc = sc.getServerSessionContext();
+        sslsc.setSessionTimeout(0);
+        sc.init(null, trustAllCerts, null);
+        javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+    }
+
     private ManagedObjectReference SVC_INST_REF = new ManagedObjectReference();
     private ManagedObjectReference propCollectorRef;
     private ManagedObjectReference rootRef;
@@ -86,6 +116,7 @@ public class VmwareClient {
                 return true;
             }
         };
+        trustAllHttpsCertificates();
         HttpsURLConnection.setDefaultHostnameVerifier(hv);
 
         SVC_INST_REF.setType(SVC_INST_NAME);