Skip to content
Snippets Groups Projects
Commit 9d0a6a4a authored by Maximilien de Bayser's avatar Maximilien de Bayser
Browse files

Revert "skip SSL on ES request at indexer-core, NEED TO REMOVE before merge to master"

This reverts commit 5f7eacb9.
parent cf330aea
No related branches found
No related tags found
1 merge request!6Trusted ibm
......@@ -14,30 +14,21 @@
package org.opengroup.osdu.indexer.util;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.Header;
import org.apache.http.HttpHost;
import org.apache.http.HttpStatus;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
import org.apache.http.message.BasicHeader;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestClientBuilder;
import org.elasticsearch.client.RestClientBuilder.HttpClientConfigCallback;
import org.elasticsearch.client.RestHighLevelClient;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
import org.opengroup.osdu.core.common.model.search.ClusterSettings;
import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.Base64;
@Component
public class ElasticClientHandler {
......@@ -94,35 +85,8 @@ public class ElasticClientHandler {
new BasicHeader("xpack.security.transport.ssl.enabled", tls),
new BasicHeader("Authorization", basicAuthenticationHeaderVal),
};
SSLContext sslContext = SSLContext.getInstance("SSL");
// set up a TrustManager that trusts everything
sslContext.init(null, new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
System.out.println("getAcceptedIssuers =============");
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
System.out.println("checkClientTrusted =============");
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
System.out.println("checkServerTrusted =============");
}
} }, new SecureRandom());
builder.setHttpClientConfigCallback(new HttpClientConfigCallback() {
@Override
public HttpAsyncClientBuilder customizeHttpClient(
HttpAsyncClientBuilder httpClientBuilder) {
return httpClientBuilder
.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.setSSLContext(sslContext);
}
}).setDefaultHeaders(defaultHeaders);
//builder.setDefaultHeaders(defaultHeaders);
builder.setDefaultHeaders(defaultHeaders);
return new RestHighLevelClient(builder);
} catch (AppException e) {
throw e;
......@@ -135,4 +99,4 @@ public class ElasticClientHandler {
e);
}
}
}
}
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment