
How to retrieve the KeyManager, TrustManager, and SecureRandom object being used by the SSL Client?


I'm trying to create an SSL Socket factory that performs the handshake w/ the TLSv1.2 protocol.

What I have so far [UPDATED 1/18]:

    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
    // Both factories must be initialized before their managers can be read (otherwise
    // getKeyManagers()/getTrustManagers() throw IllegalStateException). A null KeyStore
    // gives a key manager with no client certificate and a trust manager backed by the
    // default trust store.
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(null, null);
    KeyManager[] km = kmf.getKeyManagers();
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init((KeyStore) null);
    TrustManager[] tm = tmf.getTrustManagers();
    SecureRandom random = new SecureRandom();
    sslContext.init(km, tm, random);
    requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());

I was hoping to grab the KeyManager, TrustManager, and SecureRandom objects from SSLServerSocketFactory.getDefault(), but there are no getters for this.
Is there another place I could pull this from? Or a more efficient way to do this?

I don't want to create the Key and Trust managers manually to avoid the need for system specific configurations.

Full Method for reference:

    public MyOutBoundClientWSImpl(URL wsdlUrl){
        super(wsdlUrl, serviceName);
        this.wsUrl=wsdlUrl;
        this.mService = this.getMySoapHttpPort();
        Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
        requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
        requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
        try {
            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
            KeyManager[] km = ??;
            TrustManager[] tm = ??;
            SecureRandom random = ??;
            sslContext.init(km, tm, random);
            requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
        } catch (NoSuchAlgorithmException | KeyManagementException e) { // init() throws the checked KeyManagementException
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }

Solution

  • Check the official documentation:

    https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html

    public final void init(KeyManager[] km,
            TrustManager[] tm,
            SecureRandom random)
                    throws KeyManagementException
    

    Initializes this context. Either of the first two parameters may be null in which case the installed security providers will be searched for the highest priority implementation of the appropriate factory. Likewise, the secure random parameter may be null in which case the default implementation will be used.

    Turns out this was very easy to do: you just have to pass all nulls to the init method.

        public MyOutBoundClientWSImpl(URL wsdlUrl){
            super(wsdlUrl, serviceName);
            this.wsUrl=wsdlUrl;
            this.mService = this.getMySoapHttpPort();
            Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
            requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
            requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
            try {
                SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
                KeyManager[] km = null;
                TrustManager[] tm = null;
                SecureRandom random = null;
                sslContext.init(km, tm, random);
                requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
            } catch (NoSuchAlgorithmException | KeyManagementException e) { // init() throws the checked KeyManagementException
                throw new IllegalArgumentException(e.getMessage(), e);
            }
        }