gistfile1.java

package com.jeraff.sell.net.apiclient.sentry;

import javax.net.ssl.*;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;

public class TrustSentry {
    public TrustSentry() throws SentryTrustException {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);

            X509TrustManager defaultTrustManager = null;
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    defaultTrustManager = (X509TrustManager) trustManager;
                }
            }

            final X509TrustManager finalDefaultTrustManager = defaultTrustManager;

            X509TrustManager sentryTrustManager = new X509TrustManager() {
                private static final String GET_SENTRY_COM = "getsentry.com";

                @Override
                public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
                    return;
                }

                @Override
                public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
                    for (X509Certificate cert : x509Certificates) {
                        Collection<List<?>> alternativeNames = cert.getSubjectAlternativeNames();
                        for (List<?> alternativeName : alternativeNames) {
                            for (Object o : alternativeName) {
                                if (o instanceof String && o.toString().equalsIgnoreCase(GET_SENTRY_COM)) {
                                    return;
                                }
                            }
                        }
                    }

                    if (finalDefaultTrustManager != null) {
                        finalDefaultTrustManager.checkServerTrusted(x509Certificates, s);
                    } else {
                        throw new CertificateException("No available default trust managers...");
                    }
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };

            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, new TrustManager[]{sentryTrustManager}, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

            HostnameVerifier allHostsValid = new HostnameVerifier() {
                @Override
                public boolean verify(String s, SSLSession sslSession) {
                    return false;
                }
            };
        } catch (Exception e) {
            throw new SentryTrustException(e);
        }
    }

    public static class SentryTrustException extends Exception {
        public SentryTrustException() {
        }

        public SentryTrustException(String message) {
            super(message);
        }

        public SentryTrustException(String message, Throwable cause) {
            super(message, cause);
        }

        public SentryTrustException(Throwable cause) {
            super(cause);
        }

        public SentryTrustException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
            super(message, cause, enableSuppression, writableStackTrace);
        }
    }
}