Add VerifyCertificate

Corsinvest · Apr 2, 2024 · da892ef · da892ef
1 parent f8ee968
commit da892ef
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 34 deletions.
diff --git a/pom.xml b/pom.xml
@@ -5,7 +5,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>it.corsinvest.proxmoxve</groupId>
     <artifactId>cv4pve-api-java</artifactId>
-    <version>8.1.2</version>
+    <version>8.1.3</version>
     <packaging>jar</packaging>
     <name>cv4pve-api-java</name>
     <description>Corsinvest for Proxmox VE Client API Java</description>

diff --git a/src/main/java/it/corsinvest/proxmoxve/api/PveClientBase.java b/src/main/java/it/corsinvest/proxmoxve/api/PveClientBase.java
@@ -46,6 +46,7 @@ public class PveClientBase {
     private String _apiToken;
     private Proxy _proxy = Proxy.NO_PROXY;
     private int _timeout = 0;
+    private boolean _verifyCertificate = false;
 
     public PveClientBase(String hostname, int port) {
         _hostname = hostname;
@@ -70,6 +71,24 @@ public int getPort() {
         return _port;
     }
 
+    /**
+     * Get Verify Certificate
+     *
+     * @return bool
+     */
+    public boolean getVerifyCertificate() {
+        return _verifyCertificate;
+    }
+
+    /**
+     * Set proxy
+     *
+     * @param verifyCertificate
+     */
+    public void setVerifyCertificate(boolean verifyCertificate) {
+        _verifyCertificate = verifyCertificate;
+    }
+
     /**
      * Get proxy
      *
@@ -82,7 +101,7 @@ public Proxy getProxy() {
     /**
      * Set proxy
      *
-     * @return Proxy
+     * @param proxy
      */
     public void setProxy(Proxy proxy) {
         _proxy = proxy;
@@ -154,7 +173,7 @@ public boolean login(String username, String password) throws JSONException, Pve
      *
      * @param username user name
      * @param password password connection
-     * @param realm    pam/pve or custom
+     * @param realm pam/pve or custom
      *
      * @return boolean
      * @throws JSONException
@@ -170,8 +189,8 @@ public boolean login(String username, String password, String realm)
      *
      * @param username user name
      * @param password password connection
-     * @param realm    pam/pve or custom
-     * @param otp      One-time password for Two-factor authentication.
+     * @param realm pam/pve or custom
+     * @param otp One-time password for Two-factor authentication.
      *
      * @return boolean
      * @throws JSONException
@@ -212,7 +231,7 @@ public String getApiUrl() {
     /**
      * Execute method GET
      *
-     * @param resource   Url request
+     * @param resource Url request
      * @param parameters Additional parameters
      * @return Result
      * @throws JSONException
@@ -224,7 +243,7 @@ public Result get(String resource, Map<String, Object> parameters) throws JSONEx
     /**
      * Execute method PUT
      *
-     * @param resource   Url request
+     * @param resource Url request
      * @param parameters Additional parameters
      * @return Result
      * @throws JSONException
@@ -236,7 +255,7 @@ public Result set(String resource, Map<String, Object> parameters) throws JSONEx
     /**
      * Execute method POST
      *
-     * @param resource   Url request
+     * @param resource Url request
      * @param parameters Additional parameters
      * @return Result
      * @throws JSONException
@@ -248,7 +267,7 @@ public Result create(String resource, Map<String, Object> parameters) throws JSO
     /**
      * Execute method DELETE
      *
-     * @param resource   Url request
+     * @param resource Url request
      * @param parameters Additional parameters
      * @return Result
      * @throws JSONException
@@ -345,29 +364,31 @@ private Result executeAction(String resource, MethodType methodType, Map<String,
             });
         }
 
-        // Create a trust manager that does not validate certificate chains
-        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
-            @Override
-            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-                return null;
-            }
+        if (!_verifyCertificate) {
+            // Create a trust manager that does not validate certificate chains
+            TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
+                @Override
+                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                    return null;
+                }
 
-            @Override
-            public void checkClientTrusted(X509Certificate[] certs, String authType) {
-            }
+                @Override
+                public void checkClientTrusted(X509Certificate[] certs, String authType) {
+                }
 
-            @Override
-            public void checkServerTrusted(X509Certificate[] certs, String authType) {
+                @Override
+                public void checkServerTrusted(X509Certificate[] certs, String authType) {
+                }
+            }};
+
+            // Install the all-trusting trust manager
+            try {
+                SSLContext sc = SSLContext.getInstance("SSL");
+                sc.init(null, trustAllCerts, new java.security.SecureRandom());
+                HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+            } catch (NoSuchAlgorithmException | KeyManagementException ex) {
+                Logger.getLogger(PveClientBase.class.getName()).log(Level.SEVERE, null, ex);
             }
-        } };
-
-        // Install the all-trusting trust manager
-        try {
-            SSLContext sc = SSLContext.getInstance("SSL");
-            sc.init(null, trustAllCerts, new java.security.SecureRandom());
-            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
-        } catch (NoSuchAlgorithmException | KeyManagementException ex) {
-            Logger.getLogger(PveClientBase.class.getName()).log(Level.SEVERE, null, ex);
         }
 
         // Create all-trusting host name verifier
@@ -498,8 +519,8 @@ public Result getLastResult() {
      * Add indexed parameter
      *
      * @param parameters Parameters
-     * @param name       Name parameter
-     * @param value      Values
+     * @param name Name parameter
+     * @param value Values
      */
     public static void addIndexedParameter(Map<String, Object> parameters, String name, Map<Integer, String> value) {
         if (value != null) {
@@ -512,8 +533,8 @@ public static void addIndexedParameter(Map<String, Object> parameters, String na
     /**
      * Wait for task to finish
      *
-     * @param task    Task identifier
-     * @param wait    Millisecond wait next check
+     * @param task Task identifier
+     * @param wait Millisecond wait next check
      * @param timeOut Millisecond timeout
      * @return 0 Success
      * @throws JSONException
@@ -564,7 +585,7 @@ public String getExitStatusTask(String task) throws JSONException {
     /**
      * Convert JSONArray To List
      *
-     * @param <T>   Type of data
+     * @param <T> Type of data
      * @param array Array JSON
      * @return T List of Type of data
      * @throws JSONException