diff --git a/acme4j-letsencrypt/pom.xml b/acme4j-letsencrypt/pom.xml
index 06798524..68388396 100644
--- a/acme4j-letsencrypt/pom.xml
+++ b/acme4j-letsencrypt/pom.xml
@@ -28,6 +28,21 @@
acme4j Let's Encrypt
Let's Encrypt service provider for acme4j
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+ 2.19
+
+ classes
+ 10
+ org.shredzone.acme4j.provider.LetsEncryptAcmeClientProviderTest$RequiresNetwork
+
+
+
+
+
org.shredzone.acme4j
diff --git a/acme4j-letsencrypt/src/main/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProvider.java b/acme4j-letsencrypt/src/main/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProvider.java
index 1830fda4..cf62cd37 100644
--- a/acme4j-letsencrypt/src/main/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProvider.java
+++ b/acme4j-letsencrypt/src/main/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProvider.java
@@ -92,7 +92,7 @@ public class LetsEncryptAcmeClientProvider extends AbstractAcmeClientProvider {
* Lazily creates an {@link SSLSocketFactory} that exclusively accepts the Let's
* Encrypt certificate.
*/
- private SSLSocketFactory createSocketFactory() throws IOException {
+ protected SSLSocketFactory createSocketFactory() throws IOException {
if (sslSocketFactory == null) {
try {
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
diff --git a/acme4j-letsencrypt/src/test/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProviderTest.java b/acme4j-letsencrypt/src/test/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProviderTest.java
new file mode 100644
index 00000000..5776e5dc
--- /dev/null
+++ b/acme4j-letsencrypt/src/test/java/org/shredzone/acme4j/provider/LetsEncryptAcmeClientProviderTest.java
@@ -0,0 +1,99 @@
+/*
+ * acme4j - Java ACME client
+ *
+ * Copyright (C) 2015 Richard "Shred" Körber
+ * http://acme4j.shredzone.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+package org.shredzone.acme4j.provider;
+
+import static org.hamcrest.Matchers.*;
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.net.HttpURLConnection;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLHandshakeException;
+import javax.net.ssl.SSLSocketFactory;
+
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+/**
+ * Unit tests for {@link LetsEncryptAcmeClientProvider}.
+ *
+ * @author Richard "Shred" Körber
+ */
+public class LetsEncryptAcmeClientProviderTest {
+
+ public interface RequiresNetwork {}
+
+ /**
+ * Tests if the provider accepts the correct URIs.
+ */
+ @Test
+ public void testAccepts() throws URISyntaxException {
+ LetsEncryptAcmeClientProvider provider = new LetsEncryptAcmeClientProvider();
+
+ assertThat(provider.accepts(new URI("acme://letsencrypt.org")), is(true));
+ assertThat(provider.accepts(new URI("acme://letsencrypt.org/")), is(true));
+ assertThat(provider.accepts(new URI("acme://letsencrypt.org/staging")), is(true));
+ assertThat(provider.accepts(new URI("acme://letsencrypt.org/v01")), is(true));
+ assertThat(provider.accepts(new URI("acme://example.com")), is(false));
+ assertThat(provider.accepts(new URI("http://example.com/acme")), is(false));
+ assertThat(provider.accepts(new URI("https://example.com/acme")), is(false));
+ }
+
+ /**
+ * Test if the {@link LetsEncryptAcmeClientProvider#openConnection(URI)} accepts only
+ * the Let's Encrypt certificate.
+ */
+ @Test
+ @Category(RequiresNetwork.class)
+ public void testCertificate() throws IOException, URISyntaxException {
+ LetsEncryptAcmeClientProvider provider = new LetsEncryptAcmeClientProvider();
+
+ try {
+ HttpURLConnection goodConn = provider.openConnection(
+ new URI("https://acme-staging.api.letsencrypt.org/directory"));
+ assertThat(goodConn, is(instanceOf(HttpsURLConnection.class)));
+ goodConn.connect();
+ } catch (SSLHandshakeException ex) {
+ fail("Connection does not accept Let's Encrypt certificate");
+ }
+
+ try {
+ HttpURLConnection badConn = provider.openConnection(
+ new URI("https://www.google.com"));
+ assertThat(badConn, is(instanceOf(HttpsURLConnection.class)));
+ badConn.connect();
+ fail("Connection accepts foreign certificate");
+ } catch (SSLHandshakeException ex) {
+ // expected
+ }
+ }
+
+ /**
+ * Test that the {@link SSLSocketFactory} can be instantiated and is cached.
+ */
+ @Test
+ public void testCreateSocketFactory() throws IOException {
+ LetsEncryptAcmeClientProvider provider = new LetsEncryptAcmeClientProvider();
+
+ SSLSocketFactory factory1 = provider.createSocketFactory();
+ assertThat(factory1, is(notNullValue()));
+
+ SSLSocketFactory factory2 = provider.createSocketFactory();
+ assertThat(factory1, is(sameInstance(factory2)));
+ }
+
+}
diff --git a/pom.xml b/pom.xml
index 0220510c..6dacdf60 100644
--- a/pom.xml
+++ b/pom.xml
@@ -128,7 +128,7 @@
org.apache.maven.plugins
maven-surefire-report-plugin
- 2.17
+ 2.19
org.apache.maven.plugins
@@ -149,7 +149,7 @@
junit
junit
- [4,)
+ [4.7,)
test