ES https certificate

f42d598b · Renan Souza · f0c0bf02 · f42d598b
Commit f42d598b authored 5 years ago by Renan Souza
--- a/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
+++ b/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
 package org.opengroup.osdu.util;

-import com.google.gson.Gson;
-import lombok.extern.java.Log;
+import java.io.IOException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import org.apache.http.Header;
 import org.apache.http.HttpHost;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
 import org.apache.http.message.BasicHeader;
 import org.elasticsearch.ElasticsearchException;
 import org.elasticsearch.ElasticsearchStatusException;
@@ -21,22 +34,22 @@ import org.elasticsearch.action.index.IndexRequest;
 import org.elasticsearch.action.search.SearchRequest;
 import org.elasticsearch.action.search.SearchResponse;
 import org.elasticsearch.action.support.master.AcknowledgedResponse;
-import org.elasticsearch.client.*;
+import org.elasticsearch.client.RequestOptions;
+import org.elasticsearch.client.RestClient;
+import org.elasticsearch.client.RestClientBuilder;
+import org.elasticsearch.client.RestClientBuilder.HttpClientConfigCallback;
+import org.elasticsearch.client.RestHighLevelClient;
 import org.elasticsearch.cluster.metadata.MappingMetaData;
 import org.elasticsearch.common.collect.ImmutableOpenMap;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.unit.TimeValue;
-import org.elasticsearch.common.xcontent.XContentType;
 import org.elasticsearch.index.query.QueryBuilders;
 import org.elasticsearch.rest.RestStatus;
 import org.elasticsearch.search.builder.SearchSourceBuilder;

-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Base64;
-import java.util.List;
-import java.util.Map;
-import java.util.logging.Level;
+import com.google.gson.Gson;
+
+import lombok.extern.java.Log;


 /**
@@ -72,7 +85,7 @@ public class ElasticUtils {
                // creating index + add mapping to the index
                log.info("Creating index with name: " + index);
                CreateIndexRequest request = new CreateIndexRequest(index, settings);
-                request.source("{\"mappings\":" + mapping + "}", XContentType.JSON);
+                //request.source("{\"mappings\":" + mapping + "}", XContentType.JSON);
                request.timeout(REQUEST_TIMEOUT);
                CreateIndexResponse response = client.indices().create(request, RequestOptions.DEFAULT);

@@ -268,6 +281,29 @@ public class ElasticUtils {
                    .setSocketTimeout(REST_CLIENT_SOCKET_TIMEOUT));
            builder.setMaxRetryTimeoutMillis(REST_CLIENT_RETRY_TIMEOUT);

+            SSLContext sslContext = SSLContext.getInstance("SSL");
+
+         // set up a TrustManager that trusts everything
+            sslContext.init(null, new TrustManager[] { new X509TrustManager() {
+            	public X509Certificate[] getAcceptedIssuers() {
+            		System.out.println("getAcceptedIssuers =============");
+            		return null;
+            	}
+
+            	public void checkClientTrusted(X509Certificate[] certs,
+            			String authType) {
+            		System.out.println("checkClientTrusted =============");
+            	}
+
+            	public void checkServerTrusted(X509Certificate[] certs,
+            			String authType) {
+            		System.out.println("checkServerTrusted =============");
+            	}
+            } }, new SecureRandom());
+
+
+            
+            
            Header[] defaultHeaders = new Header[]{
                    new BasicHeader("client.transport.nodes_sampler_interval", "30s"),
                    new BasicHeader("client.transport.ping_timeout", "30s"),
@@ -277,8 +313,18 @@ public class ElasticUtils {
                    new BasicHeader("xpack.security.transport.ssl.enabled", Boolean.toString(true)),
                    new BasicHeader("Authorization", String.format("Basic %s", Base64.getEncoder().encodeToString(rawString.getBytes()))),
            };
-
-            builder.setDefaultHeaders(defaultHeaders);
+            
+
+            builder.setHttpClientConfigCallback(new HttpClientConfigCallback() {
+                @Override
+                public HttpAsyncClientBuilder customizeHttpClient(
+                        HttpAsyncClientBuilder httpClientBuilder) {
+                    return httpClientBuilder
+                    		.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
+                    		.setSSLContext(sslContext);
+                }
+            })
+            .setDefaultHeaders(defaultHeaders);
            restHighLevelClient = new RestHighLevelClient(builder);

        } catch (Exception e) {