in src/main/java/org/opensearch/performanceanalyzer/http_action/config/PerformanceAnalyzerResourceProvider.java [86:140]
public PerformanceAnalyzerResourceProvider(Settings settings, RestController controller) {
PluginSettings pluginSettings = PluginSettings.instance();
portNumber =
pluginSettings.getSettingValue("webservice-listener-port", DEFAULT_PORT_NUMBER);
isHttpsEnabled = pluginSettings.getHttpsEnabled();
if (isHttpsEnabled) {
// skip host name verification
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
X509Certificate[] certs, String authType) {}
}
};
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (AccessControlException e) {
LOG.warn(
"SecurityManager forbids setting default SSL Socket Factory...using default settings",
e);
} catch (Exception e) {
LOG.warn(
"Error encountered while initializing SSLContext...using default settings",
e);
}
// Create all-trusting host name verifier
HostnameVerifier allHostsValid = (hostname, session) -> true;
// Attempt to install the all-trusting host verifier
try {
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
} catch (AccessControlException e) {
LOG.warn(
"SecurityManager forbids setting default hostname verifier...using default settings",
e);
} catch (Exception e) {
LOG.warn(
"Error encountered while initializing hostname verifier...using default settings",
e);
}
}
}