New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSL with self-signed certificates #652

Closed
hlg opened this Issue Nov 13, 2017 · 3 comments

Comments

Projects
None yet
2 participants
@hlg
Member

hlg commented Nov 13, 2017

I have extended JsonBimServerClientFactory and JsonSocketReflectorFactory to allow for connections over SSL to servers that present a self-signed certificate. You can specify which certificate to trust when instantiating the client factory: https://github.com/hlg/bimservershell/tree/master/src/main/java

Maybe this could be integrated into the original factories?

@hlg

This comment has been minimized.

Show comment
Hide comment
@hlg

hlg Nov 13, 2017

Member

Alternatively, instead of passing in the trusted certificate, the HttpClient could be created with HttpClients.createSystem() or a builder with HttpClients.custom().useSystemProperties(). Then the location of a Java keystore with trusted certificates can be specified via system properties javax.net.ssl.trustStore and possibly javax.net.ssl.trustStorePassword.

Member

hlg commented Nov 13, 2017

Alternatively, instead of passing in the trusted certificate, the HttpClient could be created with HttpClients.createSystem() or a builder with HttpClients.custom().useSystemProperties(). Then the location of a Java keystore with trusted certificates can be specified via system properties javax.net.ssl.trustStore and possibly javax.net.ssl.trustStorePassword.

@rubendel

This comment has been minimized.

Show comment
Hide comment
@rubendel

rubendel Nov 20, 2017

Member

Thansk @hlg, any chance you could provide a pull request for these upgrades?

Member

rubendel commented Nov 20, 2017

Thansk @hlg, any chance you could provide a pull request for these upgrades?

@hlg

This comment has been minimized.

Show comment
Hide comment
@hlg

hlg Nov 21, 2017

Member

Yes, I can. But since I do not understand all the design decisions there, I worried that I might not overview the consequences of certain changes and break something. Because of that I did not touch the original factories and the result is a bit awkward. You may want to review and improve the code once I have sent the request.

Member

hlg commented Nov 21, 2017

Yes, I can. But since I do not understand all the design decisions there, I worried that I might not overview the consequences of certain changes and break something. Because of that I did not touch the original factories and the result is a bit awkward. You may want to review and improve the code once I have sent the request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment