accept defaultGroupKey in Http2Client.SSL - #423 (#424)

client/src/main/java/com/networknt/client/Http2Client.java

@@ -461,7 +461,9 @@ private static KeyStore loadKeyStore(final String name, final char[] password) t
      * @throws IOException
      */
     public static SSLContext createSSLContext() throws IOException {
-    	return createSSLContext(null);
+    	Map<String, Object> tlsMap = (Map<String, Object>)config.get(TLS);
+
+    	return null==tlsMap?null:createSSLContext((String)tlsMap.get(TLSConfig.DEFAULT_GROUP_KEY));
     }
 
     /**

client/src/main/java/com/networknt/client/ssl/TLSConfig.java

@@ -37,8 +37,13 @@
 public class TLSConfig {
 	private static final Logger logger = LoggerFactory.getLogger(TLSConfig.class);
 	private static final Map<String, TLSConfig> memcache = new ConcurrentHashMap<>();
-
+	// config item that specifies whether hostname verification should be enabled or not
     public static final String VERIFY_HOSTNAME="verifyHostname";
+    // config item that specifies the default trustedNames group used to created default SSL context. 
+    // This is used to create Http2Client.SSL if set.
+    public static final String DEFAULT_GROUP_KEY="defaultGroupKey";
+    //trusted hostnames, service names, service Ids, and so on.
+    // Note: localhost and 127.0.0.1 are not trustable hostname/ip in general. So, these values should not be used as trusted names in production.
     public static final String TRUSTED_NAMES="trustedNames";
     public static final String CONFIG_LEVEL_DELIMITER = "\\.";
 

client/src/test/java/com/networknt/client/Http2ClientTest.java

@@ -827,7 +827,7 @@ public void standard_https_hostname_check_kicks_in_if_trustednames_are_empty() t
     @Test(expected=ClosedChannelException.class)
     public void standard_https_hostname_check_kicks_in_if_trustednames_are_not_used_or_not_provided() throws Exception{
     	final Http2Client client = createClient();
-        SSLContext context = Http2Client.createSSLContext();
+        SSLContext context = Http2Client.createSSLContext(null);
         XnioSsl ssl = new UndertowXnioSsl(worker.getXnio(), OptionMap.EMPTY, Http2Client.BUFFER_POOL, context);
 
         client.connect(new URI("https://127.0.0.1:7778"), worker, ssl, Http2Client.BUFFER_POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get();
@@ -836,6 +836,16 @@ public void standard_https_hostname_check_kicks_in_if_trustednames_are_not_used_
         fail();
     }   
 
+    @Test
+    public void default_group_key_is_used_in_Http2Client_SSL() throws Exception{
+    	final Http2Client client = createClient();
+        final ClientConnection connection = client.connect(new URI("https://localhost:7778"), worker, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get();
+
+        assertTrue(connection.isOpen());
+
+        IoUtils.safeClose(connection);
+    }
+
     @Test
     public void invalid_hostname_is_accepted_if_verifyhostname_is_disabled() throws Exception{
     	final Http2Client client = createClient();

client/src/test/resources/config/client.yml

@@ -2,7 +2,9 @@
 tls:
   # if the server is using self-signed certificate, this need to be false.
   verifyHostname: true
-  # trused hostnames, service names, service Ids, and so on.
+  # The default trustedNames group used to created default SSL context. This is used to create Http2Client.SSL if set.
+  defaultGroupKey: trustedNames.local
+  # trusted hostnames, service names, service Ids, and so on.
   # Note: localhost and 127.0.0.1 are not trustable hostname/ip in general. So, these values should not be used as trusted names in production.
   trustedNames: 
     local: localhost