3636public class HttpService {
3737 // For debugging purposes
3838 private static final boolean VERBOSE_REQUESTS = false ;
39- public static boolean useTLS = false ;
39+ public static boolean useTLS = false ;
4040 protected static SSLSecurityProtocol sslSecurityProtocol = null ;
4141
4242 /**
4343 * Boolean flag for validating certificates at either of the sides (client/server).
44- * If true, then it will check and validate relevant certificates otherwise, in case of false, it will accept all certificates by default.
45- * While working in localhost OR development environment, FALSE is set. But for PROD environment, TRUE is strongly recommended.
44+ * If true, then it will check and validate relevant certificates otherwise, in case of false, it will accept all certificates.
45+ * For PROD environment, TRUE is strongly recommended, whereas working in localhost OR development environment, FALSE is used.
46+ * Default Value: TRUE
4647 */
47- protected static boolean validateCertificates = false ;
48+ public static boolean validateCertificates = true ;
4849
49- private static SSLSocketFactory sslSocketFactory = createSSLFactory (validateCertificates );
50+ private static SSLSocketFactory sslSocketFactory = createSSLFactory ();
5051 private static String HTTPS_SCHEME = "https" ;
5152 private static String HTTP_SCHEME = "http" ;
5253 private static String HOSTNAME = "localhost" ;
@@ -219,7 +220,7 @@ public static void setSslSecurityProtocol(SSLSecurityProtocol securityProtocol)
219220 // Only update the SSL_SOCKET_FACTORY if changing protocols
220221 if (sslSecurityProtocol != securityProtocol ) {
221222 sslSecurityProtocol = securityProtocol ;
222- sslSocketFactory = new SplunkHttpsSocketFactory (createSSLFactory (validateCertificates ));
223+ sslSocketFactory = new SplunkHttpsSocketFactory (createSSLFactory ());
223224 }
224225 }
225226
@@ -423,8 +424,9 @@ public ResponseMessage send(String path, RequestMessage request) {
423424 throw new RuntimeException (e .getMessage (), e );
424425 }
425426 if (cn instanceof HttpsURLConnection ) {
426- // sslSocketFactory instance will be created based on the above flag "validateCertificate".
427- ((HttpsURLConnection ) cn ).setSSLSocketFactory (sslSocketFactory );
427+ if (!validateCertificates ) {
428+ ((HttpsURLConnection ) cn ).setSSLSocketFactory (sslSocketFactory );
429+ }
428430 ((HttpsURLConnection ) cn ).setHostnameVerifier (HOSTNAME_VERIFIER );
429431 }
430432 cn .setUseCaches (false );
@@ -529,7 +531,7 @@ public static SSLSocketFactory getSSLSocketFactory() {
529531 return HttpService .sslSocketFactory ;
530532 }
531533
532- public static SSLSocketFactory createSSLFactory (boolean validateCertificate ) {
534+ public static SSLSocketFactory createSSLFactory () {
533535
534536 try {
535537 String contextStr = "" ;
@@ -542,24 +544,21 @@ public static SSLSocketFactory createSSLFactory(boolean validateCertificate) {
542544 }
543545 SSLContext context = SSLContext .getInstance (contextStr );
544546
545- if (validateCertificate ) {
546- // TODO: Validate certificates.
547- } else {
548- TrustManager [] trustAll = new TrustManager []{
549- new X509TrustManager () {
550- public X509Certificate [] getAcceptedIssuers () {
551- return null ;
552- }
547+ TrustManager [] trustAll = new TrustManager []{
548+ new X509TrustManager () {
549+ public X509Certificate [] getAcceptedIssuers () {
550+ return null ;
551+ }
553552
554- public void checkClientTrusted (X509Certificate [] certs , String authType ) {
555- }
553+ public void checkClientTrusted (X509Certificate [] certs , String authType ) {
554+ }
556555
557- public void checkServerTrusted (X509Certificate [] certs , String authType ) {
558- }
556+ public void checkServerTrusted (X509Certificate [] certs , String authType ) {
559557 }
560- };
561- context .init (null , trustAll , new java .security .SecureRandom ());
562- }
558+ }
559+ };
560+ context .init (null , trustAll , new java .security .SecureRandom ());
561+
563562
564563 return new SplunkHttpsSocketFactory (context .getSocketFactory ());
565564 } catch (Exception e ) {
0 commit comments