Project

General

Profile

Task #7600

Story #7586: LogAggregation fails for MN in production with handshake alert

Task #7591: USANPN fails with TLS SNI handshake alert

Write a simple test for USANPN

Added by Robert Waltz almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Robert Waltz
Category:
Environment.Production
Target version:
Start date:
2016-01-21
Due date:
% Done:

100%

Milestone:
None
Product Version:
*
Story Points:
Sprint:

Description

This is the code. Not very safe way to do tls validation (trusts all certs), but effective for a simple test.

package org.dataone.test.usanpn;

import java.io.InputStream;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;

/**
* A simple program to test the response of an apache server
* related to redmine issue #7591
*
*/
public class Main {

private static String host = "mynpn.usanpn.org";
private static String restPath = "/knb/d1/mn/v1/object";

public static void main(String[] args) {
    try {
        SSLContext sslContext;

        sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

            public boolean isTrusted(X509Certificate[] xcs, String string) throws CertificateException {
                return true;
            }
        }).build();

        // Skip hostname checks 
        HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
        SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);

        CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLSocketFactory(sslSocketFactory)
                .build();
        URIBuilder builder = new URIBuilder();
        builder.setScheme("https").setHost(host).setPath(restPath)
                .setParameter("count", "0")
                .setParameter("start", "0");

        HttpGet httpget = new HttpGet(builder.build());
        CloseableHttpResponse response = httpClient.execute(httpget);
        int statusCode = response.getStatusLine().getStatusCode();
        InputStream inputStream = response.getEntity().getContent();
        if (statusCode == 200) {
            System.out.println("Success!");
            System.exit(0);
        }
    } catch (Exception e) {
        e.printStackTrace();
        System.exit(1);
    }

}

}

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)