From 704fba67a2948ce059ee88890105ef8950123e55 Mon Sep 17 00:00:00 2001
From: Alex Virvara <alexandru.virvara@gmail.com>
Date: Tue, 3 Sep 2024 15:54:26 +0300
Subject: [PATCH 1/2] added new set and get for ssl context

---
 .../java/org/htmlunit/WebClientOptions.java   | 20 +++++++++++++++++++
 .../HtmlUnitSSLConnectionSocketFactory.java   | 16 +++++++++------
 2 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/src/main/java/org/htmlunit/WebClientOptions.java b/src/main/java/org/htmlunit/WebClientOptions.java
index 772907227c..ac34440f7e 100644
--- a/src/main/java/org/htmlunit/WebClientOptions.java
+++ b/src/main/java/org/htmlunit/WebClientOptions.java
@@ -27,6 +27,8 @@
 
 import org.apache.commons.io.FileUtils;
 
+import javax.net.ssl.SSLContext;
+
 /**
  * Represents options of a {@link WebClient}.
  *
@@ -65,6 +67,7 @@ public class WebClientOptions implements Serializable {
 
     private boolean useInsecureSSL_; // default is secure SSL
     private String sslInsecureProtocol_;
+    private SSLContext sslContext_;
 
     private boolean fileProtocolForXMLHttpRequestsAllowed_;
 
@@ -515,6 +518,23 @@ public String getSSLInsecureProtocol() {
         return sslInsecureProtocol_;
     }
 
+    /**
+     * Sets the SSL Context, used only when {@link #setUseInsecureSSL(boolean)} is set to {@code true}.
+     * @param sslContext the SSL Context for insecure SSL connections,
+     *      {@code null} to use for default value
+     */
+    public void setSSLContext(final SSLContext sslContext) {
+        sslContext_ = sslContext;
+    }
+
+    /**
+     * Gets the SSL Context, to be used only when {@link #setUseInsecureSSL(boolean)} is set to {@code true}.
+     * @return the SSL Context for insecure SSL connections
+     */
+    public SSLContext getSSLContext() {
+        return sslContext_;
+    }
+
     /**
      * Sets the SSL server certificate trust store. All server certificates will be validated against
      * this trust store.
diff --git a/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java b/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
index 48441960bb..c913ae2d2b 100644
--- a/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
+++ b/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
@@ -100,13 +100,17 @@ public static SSLConnectionSocketFactory buildSSLSocketFactory(final WebClientOp
                         sslClientProtocols, sslClientCipherSuites);
             }
 
-            // we need insecure SSL + SOCKS awareness
-            String protocol = options.getSSLInsecureProtocol();
-            if (protocol == null) {
-                protocol = "SSL";
+            SSLContext sslContext = options.getSSLContext();
+            if (sslContext == null) {
+                // we need insecure SSL + SOCKS awareness
+                String protocol = options.getSSLInsecureProtocol();
+                if (protocol == null) {
+                    protocol = "SSL";
+                }
+
+                sslContext = SSLContext.getInstance(protocol);
+                sslContext.init(getKeyManagers(options), new X509ExtendedTrustManager[]{new InsecureTrustManager()}, null);
             }
-            final SSLContext sslContext = SSLContext.getInstance(protocol);
-            sslContext.init(getKeyManagers(options), new X509ExtendedTrustManager[] {new InsecureTrustManager()}, null);
 
             return new HtmlUnitSSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE,
                                             useInsecureSSL, sslClientProtocols, sslClientCipherSuites);

From e462b7d8eff546ca63e4bd07d4be830f765af8e5 Mon Sep 17 00:00:00 2001
From: Alex Virvara <alexandru.virvara@gmail.com>
Date: Wed, 4 Sep 2024 08:30:41 +0300
Subject: [PATCH 2/2] fix checkstyle

---
 .../httpclient/HtmlUnitSSLConnectionSocketFactory.java         | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java b/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
index c913ae2d2b..2604b16003 100644
--- a/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
+++ b/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
@@ -109,7 +109,8 @@ public static SSLConnectionSocketFactory buildSSLSocketFactory(final WebClientOp
                 }
 
                 sslContext = SSLContext.getInstance(protocol);
-                sslContext.init(getKeyManagers(options), new X509ExtendedTrustManager[]{new InsecureTrustManager()}, null);
+                sslContext.init(getKeyManagers(options),
+                        new X509ExtendedTrustManager[]{new InsecureTrustManager()}, null);
             }
 
             return new HtmlUnitSSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE,