I'm trying to use portions of the samples on GitHub for vsphere-automation-sdk-java (in particular ExternalPscSsoWorkflow.java) and I have a question about the SSL connections that are made to the VC STS to get a SAML bearer token using a username and password. The sample code just turns off certificate checking in SsoHelper.java when connecting to the STS. How can I make this connection secure by validating the certificate using a TrustStore? I cannot change the configuration at the JVM level because there are other clients in my JVM making their own TLS connections. So I don't want to do things like HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()) as in the samples, as I think that would affect all clients. Is there a way that I can create and pass an instance of SSLSocketFactory (or something similar) that will only be used by the vsphere-automation-sdk-java libraries for making TLS connections?
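The distinction the question draws, between a JVM-wide default and a factory scoped to one client, looks like this with JDK classes only. This is an added example, not part of the original post and not code from the SDK; the class name, the command-line arguments (truststore path, password, HTTPS URL) and the use of a plain HttpsURLConnection are assumptions, and it does not show how the SDK's STS client accepts such a factory.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical class name; illustrates a per-connection trust configuration.
public class ScopedTrustExample {

    // Build a factory that trusts only the CA certificates in the given truststore.
    static SSLSocketFactory factoryFor(String path, char[] password) throws Exception {
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            trustStore.load(in, password);
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        // A fresh SSLContext instance; SSLContext.setDefault() is never called.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        // Assumed arguments: <truststore path> <truststore password> <https URL>
        SSLSocketFactory jvmDefault = HttpsURLConnection.getDefaultSSLSocketFactory();
        SSLSocketFactory scoped = factoryFor(args[0], args[1].toCharArray());

        HttpsURLConnection conn = (HttpsURLConnection) new URL(args[2]).openConnection();
        // Instance-level setter: applies to this connection only.
        conn.setSSLSocketFactory(scoped);
        // The default HostnameVerifier is left in place, so the host name is
        // still checked against the certificate.
        try {
            // The handshake fails with SSLHandshakeException if the server's
            // chain does not lead to a CA in the truststore.
            System.out.println("HTTP status: " + conn.getResponseCode());
        } finally {
            conn.disconnect();
        }
        // Other clients in the same JVM still see the original default factory.
        System.out.println("JVM default untouched: "
                + (jvmDefault == HttpsURLConnection.getDefaultSSLSocketFactory()));
    }
}
```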