package org.shredzone.acme4j.provider.pebble;

import jakarta.annotation.ParametersAreNonnullByDefault;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.Proxy;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.annotation.concurrent.ThreadSafe;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.shredzone.acme4j.connector.HttpConnector;

@ThreadSafe
@ParametersAreNonnullByDefault
/* loaded from: input_file:org/shredzone/acme4j/provider/pebble/PebbleHttpConnector.class */
public class PebbleHttpConnector extends HttpConnector {
    private static HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER = new HostnameVerifier() { // from class: org.shredzone.acme4j.provider.pebble.PebbleHttpConnector.1
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };
    private static SSLSocketFactory sslSocketFactory;

    @Override // org.shredzone.acme4j.connector.HttpConnector
    public HttpURLConnection openConnection(URL url, Proxy proxy) throws IOException {
        HttpURLConnection openConnection = super.openConnection(url, proxy);
        if (openConnection instanceof HttpsURLConnection) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) openConnection;
            httpsURLConnection.setSSLSocketFactory(createSocketFactory());
            httpsURLConnection.setHostnameVerifier(ALLOW_ALL_HOSTNAME_VERIFIER);
        }
        return openConnection;
    }

    protected synchronized SSLSocketFactory createSocketFactory() throws IOException {
        if (sslSocketFactory == null) {
            try {
                InputStream resourceAsStream = getClass().getResourceAsStream("/org/shredzone/acme4j/provider/pebble/pebble.truststore");
                Throwable th = null;
                try {
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(resourceAsStream, "acme4j".toCharArray());
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                    sslSocketFactory = sSLContext.getSocketFactory();
                    if (resourceAsStream != null) {
                        if (0 != 0) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            resourceAsStream.close();
                        }
                    }
                } finally {
                }
            } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new IOException("Could not create truststore", e);
            }
        }
        return sslSocketFactory;
    }
}
