You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2013/02/20 19:58:51 UTC
[1/2] git commit: refs/heads/vim51_win8 - Trust all certificate in
vcenter connect.
Trust all certificate in vcenter connect.
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/525fe14c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/525fe14c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/525fe14c
Branch: refs/heads/vim51_win8
Commit: 525fe14c25877aeb0c49a6ca8aa9d18f62ff97e2
Parents: c20ea04
Author: Min Chen <mi...@citrix.com>
Authored: Wed Feb 20 10:57:52 2013 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Wed Feb 20 10:57:52 2013 -0800
----------------------------------------------------------------------
.../cloud/hypervisor/vmware/util/VmwareClient.java | 31 +++++++++++++++
1 files changed, 31 insertions(+), 0 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/525fe14c/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
----------------------------------------------------------------------
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
index ae5f47f..f29a8c0 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
@@ -58,6 +58,36 @@ import com.vmware.vim25.ObjectContent;
*/
public class VmwareClient {
+ private static class TrustAllTrustManager implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager {
+
+ @Override
+ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+
+ @Override
+ public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException {
+ return;
+ }
+
+ @Override
+ public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException {
+ return;
+ }
+ }
+
+ private static void trustAllHttpsCertificates() throws Exception {
+ // Create a trust manager that does not validate certificate chains:
+ javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
+ javax.net.ssl.TrustManager tm = new TrustAllTrustManager();
+ trustAllCerts[0] = tm;
+ javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL");
+ javax.net.ssl.SSLSessionContext sslsc = sc.getServerSessionContext();
+ sslsc.setSessionTimeout(0);
+ sc.init(null, trustAllCerts, null);
+ javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+ }
+
private ManagedObjectReference SVC_INST_REF = new ManagedObjectReference();
private ManagedObjectReference propCollectorRef;
private ManagedObjectReference rootRef;
@@ -86,6 +116,7 @@ public class VmwareClient {
return true;
}
};
+ trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
SVC_INST_REF.setType(SVC_INST_NAME);