checkNotNull(context);
checkNotNull(host);
log.info("Retrieving certificate from https://{}:{}", host, port);
Builder httpClientBuilder = null;
HttpClientConnectionManager connectionManager = null;
try {
final AtomicReference<Certificate[]> chain = new AtomicReference<Certificate[]>();
final SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{ACCEPT_ALL_TRUST_MANAGER}, null);
final SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sc, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", sslSocketFactory).build();
httpClientBuilder = httpClientFactory.prepare(new RemoteStorageContextCustomizer(context));
connectionManager = new BasicHttpClientConnectionManager(registry);
httpClientBuilder.getHttpClientBuilder().setConnectionManager(connectionManager);
httpClientBuilder.getHttpClientBuilder().addInterceptorFirst(
new HttpResponseInterceptor()
{
/**
 * Captures the TLS peer certificate chain of the connection that delivered {@code response}
 * and stores it in the enclosing {@code chain} reference.
 *
 * <p>Nothing is stored when the context exposes no managed connection or the connection has
 * no SSL session (for example a plain-HTTP connection).
 *
 * <p>Security note: the enclosing code builds the client from an {@code SSLContext} initialised
 * with {@code ACCEPT_ALL_TRUST_MANAGER} and a socket factory using
 * {@code ALLOW_ALL_HOSTNAME_VERIFIER}. The chain recorded here has therefore not been validated
 * against any trust anchor or against the requested host name. Treat it as unauthenticated data
 * to be inspected or explicitly approved, never as proof of the peer's identity.
 *
 * @param response the response being processed (not inspected here)
 * @param context  the execution context used to look up the underlying connection
 * @throws IOException if the peer certificates cannot be read from the session
 */
@Override
public void process(final HttpResponse response, final HttpContext context)
    throws HttpException, IOException
{
  final ManagedHttpClientConnection managed =
      HttpCoreContext.adapt(context).getConnection(ManagedHttpClientConnection.class);
  if (managed == null) {
    return;
  }

  final SSLSession tlsSession = managed.getSSLSession();
  if (tlsSession == null) {
    return;
  }

  // NOTE(review): this overwrites any previously stored chain. If the prepared builder follows
  // redirects, the interceptor may run for more than one response in a single execute(), and
  // the last TLS peer's chain would win. Confirm redirect handling.
  chain.set(tlsSession.getPeerCertificates());
}
});
httpClientBuilder.build().execute(new HttpGet("https://" + host + ":" + port));
return chain.get();
}
finally {
if (connectionManager != null) {
connectionManager.shutdown();