[BAEL-4448] Added examples for setting TLS version in HttpClient
This commit is contained in:
joe
@@ -0,0 +1,73 @@
|
|||||||
|
package com.baeldung
|
||||||
|
|
||||||
|
import org.apache.http.HttpEntity;
|
||||||
|
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||||
|
import org.apache.http.client.methods.HttpGet;
|
||||||
|
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
|
||||||
|
import org.apache.http.impl.client.CloseableHttpClient;
|
||||||
|
import org.apache.http.impl.client.HttpClients;
|
||||||
|
import org.apache.http.ssl.SSLContexts;
|
||||||
|
import org.apache.http.util.EntityUtils;
|
||||||
|
|
||||||
|
import javax.net.ssl.SSLSocket;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
import java.net.SocketAddress;
|
||||||
|
|
||||||
|
public class ClientTlsVersionExmaples{
|
||||||
|
|
||||||
|
public static CloseableHttpClient setViaSocketFactory(){
|
||||||
|
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
|
||||||
|
SSLContexts.createDefault(),
|
||||||
|
new String[] {"TLSv1.2", "TLSv1.3"},
|
||||||
|
null,
|
||||||
|
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
|
||||||
|
|
||||||
|
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
|
||||||
|
}
|
||||||
|
|
||||||
|
public static CloseableHttpClient setTlsVersionPerConnection() {
|
||||||
|
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(SSLContexts.createDefault()){
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void prepareSocket(SSLSocket socket) {
|
||||||
|
String[] enabledProtocols = new String[] {"TLSv1.3"};
|
||||||
|
|
||||||
|
SocketAddress remoteAddr = socket.getRemoteSocketAddress();
|
||||||
|
if (remoteAddr instanceof InetSocketAddress){
|
||||||
|
String hostname = ((InetSocketAddress) remoteAddr).getHostName();
|
||||||
|
if (hostname.endsWith("internal.system.com")){
|
||||||
|
enabledProtocols = new String[] { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" };
|
||||||
|
}
|
||||||
|
}
|
||||||
|
socket.setEnabledProtocols(enabledProtocols);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
|
||||||
|
}
|
||||||
|
|
||||||
|
// To set the TLS versions for the client, set the https.protocols system property during runtime.
|
||||||
|
// For example: java -Dhttps.protocols=TLSv1.1,TLSv1.2,TLSv1.3 -jar webClient.jar
|
||||||
|
public static CloseableHttpClient setViaSystemProperties(){
|
||||||
|
return HttpClients.createSystem();
|
||||||
|
//alternatively
|
||||||
|
//return HttpClients.custom().useSystemProperties().build();
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void main(String[] args) throws Exception {
|
||||||
|
|
||||||
|
CloseableHttpClient httpClient = setTlsVersionPerConnection();
|
||||||
|
//HttpClient httpClient = setViaSocketFactory();
|
||||||
|
//HttpClient httpClient = setViaSystemProperties();
|
||||||
|
|
||||||
|
try {
|
||||||
|
try (CloseableHttpResponse response = httpClient.execute(new HttpGet("https://httpbin.org/"))) {
|
||||||
|
HttpEntity entity = response.getEntity();
|
||||||
|
EntityUtils.consume(entity);
|
||||||
|
}
|
||||||
|
} finally {
|
||||||
|
httpClient.close();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user