From f42d598bc07c167ab6e9e62a93c402968d94a59c Mon Sep 17 00:00:00 2001
From: Renan Souza <rfsouza@br.ibm.com>
Date: Thu, 12 Dec 2019 16:41:02 -0300
Subject: [PATCH] ES https  certificate

---
 .../org/opengroup/osdu/util/ElasticUtils.java | 72 +++++++++++++++----
 1 file changed, 59 insertions(+), 13 deletions(-)

diff --git a/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java b/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
index fa8e8f716..ddea6d1ac 100644
--- a/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
+++ b/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
@@ -1,9 +1,22 @@
 package org.opengroup.osdu.util;
 
-import com.google.gson.Gson;
-import lombok.extern.java.Log;
+import java.io.IOException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import org.apache.http.Header;
 import org.apache.http.HttpHost;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
 import org.apache.http.message.BasicHeader;
 import org.elasticsearch.ElasticsearchException;
 import org.elasticsearch.ElasticsearchStatusException;
@@ -21,22 +34,22 @@ import org.elasticsearch.action.index.IndexRequest;
 import org.elasticsearch.action.search.SearchRequest;
 import org.elasticsearch.action.search.SearchResponse;
 import org.elasticsearch.action.support.master.AcknowledgedResponse;
-import org.elasticsearch.client.*;
+import org.elasticsearch.client.RequestOptions;
+import org.elasticsearch.client.RestClient;
+import org.elasticsearch.client.RestClientBuilder;
+import org.elasticsearch.client.RestClientBuilder.HttpClientConfigCallback;
+import org.elasticsearch.client.RestHighLevelClient;
 import org.elasticsearch.cluster.metadata.MappingMetaData;
 import org.elasticsearch.common.collect.ImmutableOpenMap;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.unit.TimeValue;
-import org.elasticsearch.common.xcontent.XContentType;
 import org.elasticsearch.index.query.QueryBuilders;
 import org.elasticsearch.rest.RestStatus;
 import org.elasticsearch.search.builder.SearchSourceBuilder;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Base64;
-import java.util.List;
-import java.util.Map;
-import java.util.logging.Level;
+import com.google.gson.Gson;
+
+import lombok.extern.java.Log;
 
 
 /**
@@ -72,7 +85,7 @@ public class ElasticUtils {
                 // creating index + add mapping to the index
                 log.info("Creating index with name: " + index);
                 CreateIndexRequest request = new CreateIndexRequest(index, settings);
-                request.source("{\"mappings\":" + mapping + "}", XContentType.JSON);
+                //request.source("{\"mappings\":" + mapping + "}", XContentType.JSON);
                 request.timeout(REQUEST_TIMEOUT);
                 CreateIndexResponse response = client.indices().create(request, RequestOptions.DEFAULT);
 
@@ -268,6 +281,29 @@ public class ElasticUtils {
                     .setSocketTimeout(REST_CLIENT_SOCKET_TIMEOUT));
             builder.setMaxRetryTimeoutMillis(REST_CLIENT_RETRY_TIMEOUT);
 
+            SSLContext sslContext = SSLContext.getInstance("SSL");
+
+         // set up a TrustManager that trusts everything
+            sslContext.init(null, new TrustManager[] { new X509TrustManager() {
+            	public X509Certificate[] getAcceptedIssuers() {
+            		System.out.println("getAcceptedIssuers =============");
+            		return null;
+            	}
+
+            	public void checkClientTrusted(X509Certificate[] certs,
+            			String authType) {
+            		System.out.println("checkClientTrusted =============");
+            	}
+
+            	public void checkServerTrusted(X509Certificate[] certs,
+            			String authType) {
+            		System.out.println("checkServerTrusted =============");
+            	}
+            } }, new SecureRandom());
+
+
+            
+            
             Header[] defaultHeaders = new Header[]{
                     new BasicHeader("client.transport.nodes_sampler_interval", "30s"),
                     new BasicHeader("client.transport.ping_timeout", "30s"),
@@ -277,8 +313,18 @@ public class ElasticUtils {
                     new BasicHeader("xpack.security.transport.ssl.enabled", Boolean.toString(true)),
                     new BasicHeader("Authorization", String.format("Basic %s", Base64.getEncoder().encodeToString(rawString.getBytes()))),
             };
-
-            builder.setDefaultHeaders(defaultHeaders);
+            
+
+            builder.setHttpClientConfigCallback(new HttpClientConfigCallback() {
+                @Override
+                public HttpAsyncClientBuilder customizeHttpClient(
+                        HttpAsyncClientBuilder httpClientBuilder) {
+                    return httpClientBuilder
+                    		.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
+                    		.setSSLContext(sslContext);
+                }
+            })
+            .setDefaultHeaders(defaultHeaders);
             restHighLevelClient = new RestHighLevelClient(builder);
 
         } catch (Exception e) {
-- 
GitLab