search

scravy / waitfor-maven-plugin

Wait for a URL to become available
BSD 2-Clause "Simplified" License
7 stars 4 forks source link

Insecure flag does not work #12

Open robert-farkas-dedalus opened 12 months ago

robert-farkas-dedalus commented 12 months ago

Hi!

I am trying to use the plugin with HTTPS and even if I use the insecure flag with true, I am getting SSLHandshakeException exception:

`

wait-for-environment-to-be-up waitfor pre-integration-test ${test.startup.timeoutSeconds} 2000 true https://${env.PROXY_HOST}:18443/health/live 
        </executions>`

Error:

[INFO] >>> Checking https://172.23.125.61:18443/health/live... [INFO] [WARNING] https://172.23.125.61:18443/health/live failed (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)

I checked the code and modified a little bit which works fine for me, resulting output: Executing request GET https://172.23.125.61:18443/health/live HTTP/1.1 !!!!!!!!!!!!!!!!!!!!1 finished

Could you please check the code in version 1.4 and use code below if it helps in the fix?

Code:

`import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate;

import org.apache.http.client.methods.HttpGet; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.TrustStrategy; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContextBuilder; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.junit.jupiter.MockitoExtension;

@ExtendWith(MockitoExtension.class) class HttpClientTest {

@Test
void testUpdateObservation() throws Exception {
    try (CloseableHttpClient httpclient = createAcceptSelfSignedCertificateClient()) {
        HttpGet httpget = new HttpGet("https://172.23.125.61:18443/health/live");
        System.out.println("Executing request " + httpget.getRequestLine());

        httpclient.execute(httpget);
        System.out.println("!!!!!!!!!!!!!!!!!!!!1 finished");
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}

private CloseableHttpClient createAcceptSelfSignedCertificateClient() {
    try {
        final SSLContextBuilder builder = new SSLContextBuilder();
        builder.loadTrustMaterial(null, new TrustStrategy() {

            @Override
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                return true;
            }

        });
        final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build(), NoopHostnameVerifier.INSTANCE);

        CloseableHttpClient httpclient = HttpClients
                .custom()
                .setSSLSocketFactory(sslsf)
                .build();

        return httpclient;
    } catch (NoSuchAlgorithmException|KeyStoreException|KeyManagementException e) {
        System.out.println("Can not generate the ssl context for self signed certificates. " + e.getMessage());
        return null;
    }
}

}`

dedalusMohantyMa commented 10 months ago

I have the same issue. Insecure flag does not work on my endpoints.