fix: add option to trustSelfSigned certificates

src/main/java/com/jadice/flow/client/s3/ConfigProperties.java

@@ -1,9 +1,9 @@
 package com.jadice.flow.client.s3;
 
-import com.amazonaws.services.s3.model.Region;
-
 import java.net.URI;
 
+import com.amazonaws.services.s3.model.Region;
+
 /**
  * Configuration object that contains all the necessary connection information for accessing the s3 storage.
  */
@@ -18,6 +18,7 @@ public class ConfigProperties {
     String accessKey;
     String secretKey;
     String protocol;
+    boolean trustSelfSigned = false;
 
     public ConfigProperties() {}
 
@@ -27,14 +28,16 @@ public ConfigProperties( //
         final Region region, //
         final String accessKey, //
         final String secretKey, //
-        final String protocol //
+        final String protocol ,//
+        final boolean trustSelfSigned //
     ) {
         this.endpoint = endpoint;
         this.bucket = bucket;
         this.region = region;
         this.accessKey = accessKey;
         this.secretKey = secretKey;
         this.protocol = protocol;
+        this.trustSelfSigned = trustSelfSigned;
     }
 
     public String getAccessKey() {
@@ -84,4 +87,12 @@ public String getProtocol() {
     public void setProtocol(String protocol) {
         this.protocol = protocol;
     }
+
+    public boolean isTrustSelfSigned() {
+        return trustSelfSigned;
+    }
+
+    public void setTrustSelfSigned(boolean trustSelfSigned) {
+        this.trustSelfSigned = trustSelfSigned;
+    }
 }

src/main/java/com/jadice/flow/client/s3/S3ClientBuilder.java

@@ -1,5 +1,16 @@
 package com.jadice.flow.client.s3;
 
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.SSLContext;
+
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
+import org.apache.http.ssl.SSLContextBuilder;
+
+import com.amazonaws.ApacheHttpClientConfig;
 import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.auth.AWSStaticCredentialsProvider;
@@ -23,8 +34,23 @@ public AmazonS3 build(final ConfigProperties configProperties) {
             )));
         // prefer the path style access, as minio uses that mode
         builder.setPathStyleAccessEnabled(true);
+
+        final ClientConfiguration clientConfiguration = new ClientConfiguration();
+
+        // enforce HTTP
         if("http".equalsIgnoreCase(configProperties.getProtocol())){
-            builder.withClientConfiguration(new ClientConfiguration().withProtocol(Protocol.HTTP));
+            builder.withClientConfiguration(clientConfiguration.withProtocol(Protocol.HTTP));
+        } else if (configProperties.isTrustSelfSigned()) {
+            // trust self-signed certificates
+            SSLContext sslContext = null;
+            try {
+                sslContext = new SSLContextBuilder().loadTrustMaterial(TrustSelfSignedStrategy.INSTANCE).build();
+            } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
+                throw new IllegalStateException("Failed to initialize SSLContext with TrustSelfSignedStrategy", e);
+            }
+            final ApacheHttpClientConfig apacheHttpClientConfig = clientConfiguration.getApacheHttpClientConfig();
+            apacheHttpClientConfig.setSslSocketFactory(new SSLConnectionSocketFactory(sslContext));
+            builder.withClientConfiguration(clientConfiguration);
         }
         return builder.build();
     }

src/test/java/com/jadice/flow/client/s3/S3ClientTest.java

@@ -32,13 +32,15 @@ public static void setupClass() throws IOException {
             final String accessKey = (String) s3.get("access-key");
             final String secretKey = (String) s3.get("secret-key");
             final String protocol = (String) s3.get("protocol");
+            final boolean trustSelfSigned = (boolean) s3.get("trustSelfSigned");
             final ConfigProperties configProperties = new ConfigProperties( //
                     URI.create(endpoint), //
                     bucket, //
                     null, //
                     accessKey, //
                     secretKey, //
-                    protocol //
+                    protocol, //
+                    trustSelfSigned //
             );
             s3Client = new S3Client(configProperties, Duration.ofHours(1));
         }