package com.indix.tools;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/indix/tools/SSLTrustCA.class */
public final class SSLTrustCA {
    private static KeyStore keyStore;
    private static final char[] KEYSTORE_DEFAULT_PASSWORD = "changeit".toCharArray();
    private static final Logger LOG = LoggerFactory.getLogger(SSLTrustCA.class);

    public static SSLContext trustLetsEncryptRootCA() {
        return trustCa(SSLTrustCA.class.getResource("/ca/DSTRootCAX3.der"));
    }

    private static synchronized KeyStore initialize() throws GeneralSecurityException, IOException {
        if (keyStore == null) {
            KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore2.load(null, KEYSTORE_DEFAULT_PASSWORD);
            keyStore = keyStore2;
        }
        return keyStore;
    }

    private static synchronized SSLContext trustCa(URL url) {
        try {
            LOG.debug("Trusting CAFile: " + url.toExternalForm());
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            BufferedInputStream bufferedInputStream = new BufferedInputStream(url.openStream());
            Throwable th = null;
            try {
                try {
                    Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                    String name = ((X509Certificate) generateCertificate).getSubjectDN().getName();
                    KeyStore initialize = initialize();
                    initialize.setCertificateEntry(name, generateCertificate);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(initialize);
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                    SSLContext.setDefault(sSLContext);
                    return sSLContext;
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
