package org.jolokia.docker.maven.access.hc.http;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.jolokia.docker.maven.access.KeyStoreUtil;

/* loaded from: input_file:org/jolokia/docker/maven/access/hc/http/HttpClientBuilder.class */
public class HttpClientBuilder {
    private final String certPath;

    public HttpClientBuilder(String str) {
        this.certPath = str;
    }

    public CloseableHttpClient build() throws IOException {
        org.apache.http.impl.client.HttpClientBuilder custom = HttpClients.custom();
        PoolingHttpClientConnectionManager poolingConnectionFactory = getPoolingConnectionFactory(this.certPath);
        poolingConnectionFactory.setDefaultMaxPerRoute(10);
        custom.setConnectionManager(poolingConnectionFactory);
        return custom.build();
    }

    private static PoolingHttpClientConnectionManager getPoolingConnectionFactory(String str) throws IOException {
        return str != null ? new PoolingHttpClientConnectionManager(getSslFactoryRegistry(str)) : new PoolingHttpClientConnectionManager();
    }

    private static Registry<ConnectionSocketFactory> getSslFactoryRegistry(String str) throws IOException {
        try {
            KeyStore createDockerKeyStore = KeyStoreUtil.createDockerKeyStore(str);
            SSLContext build = SSLContexts.custom().useTLS().loadKeyMaterial(createDockerKeyStore, "docker".toCharArray()).loadTrustMaterial(createDockerKeyStore).build();
            String str2 = System.getenv("DOCKER_TLS_VERIFY");
            return RegistryBuilder.create().register("https", (str2 == null || str2.equals("0") || str2.equals("false")) ? new SSLConnectionSocketFactory(build, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER) : new SSLConnectionSocketFactory(build)).build();
        } catch (GeneralSecurityException e) {
            throw new IOException(e);
        }
    }
}
