package com.ecwid.consul.transport;

import com.ecwid.consul.transport.TLSConfig;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.springframework.cloud.commons.httpclient.ApacheHttpClientConnectionManagerFactory;

/* loaded from: input_file:BOOT-INF/lib/consul-api-1.4.5.jar:com/ecwid/consul/transport/DefaultHttpsTransport.class */
public final class DefaultHttpsTransport extends AbstractHttpTransport {
    private final HttpClient httpClient;

    public DefaultHttpsTransport(TLSConfig tLSConfig) {
        try {
            KeyStore keyStore = KeyStore.getInstance(tLSConfig.getKeyStoreInstanceType().name());
            keyStore.load(new FileInputStream(tLSConfig.getCertificatePath()), tLSConfig.getCertificatePassword().toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, tLSConfig.getCertificatePassword().toCharArray());
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            KeyStore keyStore2 = KeyStore.getInstance(TLSConfig.KeyStoreInstanceType.JKS.name());
            keyStore2.load(new FileInputStream(tLSConfig.getKeyStorePath()), tLSConfig.getKeyStorePassword().toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore2);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            SSLContext build = SSLContexts.custom().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
            build.init(keyManagers, trustManagers, new SecureRandom());
            PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager((Registry<ConnectionSocketFactory>) RegistryBuilder.create().register(ApacheHttpClientConnectionManagerFactory.HTTPS_SCHEME, new SSLConnectionSocketFactory(build)).build());
            poolingHttpClientConnectionManager.setMaxTotal(1000);
            poolingHttpClientConnectionManager.setDefaultMaxPerRoute(500);
            this.httpClient = HttpClientBuilder.create().setConnectionManager(poolingHttpClientConnectionManager).setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(10000).setConnectionRequestTimeout(10000).setSocketTimeout(600000).build()).build();
        } catch (IOException e) {
            throw new TransportException(e);
        } catch (GeneralSecurityException e2) {
            throw new TransportException(e2);
        }
    }

    public DefaultHttpsTransport(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    @Override // com.ecwid.consul.transport.AbstractHttpTransport
    protected HttpClient getHttpClient() {
        return this.httpClient;
    }
}
