Revert "skip SSL on ES request at indexer-core, NEED TO REMOVE before merge to master"

This reverts commit 5f7eacb9.

Revert "skip SSL on ES request at indexer-core, NEED TO REMOVE before merge to master"
9d0a6a4a · Maximilien de Bayser · cf330aea · 9d0a6a4a
Commit 9d0a6a4a authored 5 years ago by Maximilien de Bayser
--- a/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
+++ b/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
@@ -14,30 +14,21 @@
 package org.opengroup.osdu.indexer.util;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.util.Base64;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
 import org.apache.http.Header;
 import org.apache.http.HttpHost;
 import org.apache.http.HttpStatus;
-import org.apache.http.conn.ssl.SSLSocketFactory;
-import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
 import org.apache.http.message.BasicHeader;
 import org.elasticsearch.client.RestClient;
 import org.elasticsearch.client.RestClientBuilder;
-import org.elasticsearch.client.RestClientBuilder.HttpClientConfigCallback;
 import org.elasticsearch.client.RestHighLevelClient;
 import org.opengroup.osdu.core.common.model.http.AppException;
-import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
 import org.opengroup.osdu.core.common.model.search.ClusterSettings;
+import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
+import java.util.Base64;
 @Component
 public class ElasticClientHandler {
@@ -94,35 +85,8 @@ public class ElasticClientHandler {
                    new BasicHeader("xpack.security.transport.ssl.enabled", tls),
                    new BasicHeader("Authorization", basicAuthenticationHeaderVal),
            };
-            SSLContext sslContext = SSLContext.getInstance("SSL");
-            // set up a TrustManager that trusts everything
-            sslContext.init(null, new TrustManager[] { new X509TrustManager() {
-	            public X509Certificate[] getAcceptedIssuers() {
-	           		System.out.println("getAcceptedIssuers =============");
-	           		return null;
-	            }
-	            public void checkClientTrusted(X509Certificate[] certs, String authType) {
-	           		System.out.println("checkClientTrusted =============");
-	            }
-	            public void checkServerTrusted(X509Certificate[] certs, String authType) {
-	           		System.out.println("checkServerTrusted =============");
-	            }
-            } }, new SecureRandom());
-            builder.setHttpClientConfigCallback(new HttpClientConfigCallback() {
+            builder.setDefaultHeaders(defaultHeaders);
-                @Override
-                public HttpAsyncClientBuilder customizeHttpClient(
-                        HttpAsyncClientBuilder httpClientBuilder) {
-                    return httpClientBuilder
-                    		.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
-                    		.setSSLContext(sslContext);
-                }
-            }).setDefaultHeaders(defaultHeaders);
-            //builder.setDefaultHeaders(defaultHeaders);
            return new RestHighLevelClient(builder);
        } catch (AppException e) {
            throw e;
@@ -135,4 +99,4 @@ public class ElasticClientHandler {
                    e);
        }
    }
 }
\ No newline at end of file