package com.ibm.wbimonitor.ute.itc.emitter;

import com.ibm.wbimonitor.ute.itc.LoggerUtility;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:monitorItc.jar:com/ibm/wbimonitor/ute/itc/emitter/CertificateManager.class */
public class CertificateManager {
    public static final String COPYRIGHT = "Copyright IBM Corporation 2009.";
    public static final String TEMP_TRUST_STORE = String.valueOf(System.getProperty("java.io.tmpdir")) + File.separatorChar + "tempTrust.store";
    public static final String PASSWORD = "changeit";
    private static KeyStore keyStore;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:monitorItc.jar:com/ibm/wbimonitor/ute/itc/emitter/CertificateManager$SavingTrustManager.class */
    public static class SavingTrustManager implements X509TrustManager {
        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public static SSLSocketFactory getSSLSocketFactory() throws Exception {
        initialize();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        return sSLContext.getSocketFactory();
    }

    public static void createTempCertificate(String str, int i) {
        try {
            File file = new File(TEMP_TRUST_STORE);
            if (!file.exists()) {
                file.createNewFile();
            }
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            if (createCertificate(str, i)) {
                keyStore.store(fileOutputStream, PASSWORD.toCharArray());
            }
            fileOutputStream.close();
        } catch (Exception e) {
            LoggerUtility.getLogger().severe(("Failed to get the certificate from the target server: " + str).toString());
            LoggerUtility.exceptionToLogger(e);
        }
    }

    public static boolean createCertificate(String str, int i) throws Exception {
        initialize();
        String alias = getAlias(str, i);
        if (keyStore.containsAlias(alias)) {
            return true;
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
        sSLSocket.setSoTimeout(10000);
        try {
            sSLSocket.startHandshake();
            sSLSocket.close();
        } catch (SSLException unused) {
        }
        X509Certificate[] x509CertificateArr = savingTrustManager.chain;
        if (x509CertificateArr == null) {
            LoggerUtility.console(Level.SEVERE, "Can not obtain the certificate chain from the target server, please check the host and port of the target server.");
            return false;
        }
        keyStore.setCertificateEntry(alias, x509CertificateArr[0]);
        if (sSLSocket == null || sSLSocket.isClosed()) {
            return true;
        }
        sSLSocket.close();
        return true;
    }

    private static void initialize() throws Exception {
        if (keyStore == null) {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            char c = File.separatorChar;
            FileInputStream fileInputStream = new FileInputStream(new File(new File(String.valueOf(System.getProperty("java.home")) + c + "lib" + c + "security"), "cacerts"));
            keyStore.load(fileInputStream, PASSWORD.toCharArray());
            fileInputStream.close();
        }
    }

    private static String getAlias(String str, int i) {
        return String.valueOf(str) + "-" + i;
    }
}
