package net.snowflake.client.jdbc.diagnostic;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import net.snowflake.client.jdbc.internal.apache.tika.metadata.TikaCoreProperties;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;

/* loaded from: input_file:net/snowflake/client/jdbc/diagnostic/CertificateDiagnosticCheck.class */
class CertificateDiagnosticCheck extends DiagnosticCheck {
    private static final String SECURE_SOCKET_PROTOCOL = "TLS";
    private static final SFLogger logger = SFLoggerFactory.getLogger((Class<?>) CertificateDiagnosticCheck.class);

    public CertificateDiagnosticCheck(ProxyConfig proxyConfig) {
        super("SSL/TLS Certificate Test", proxyConfig);
    }

    @Override // net.snowflake.client.jdbc.diagnostic.DiagnosticCheck
    protected void doCheck(SnowflakeEndpoint snowflakeEndpoint) {
        String host = snowflakeEndpoint.getHost();
        String num = Integer.toString(snowflakeEndpoint.getPort());
        if (!snowflakeEndpoint.isSslEnabled()) {
            logger.info("Host " + host + TikaCoreProperties.NAMESPACE_PREFIX_DELIMITER + num + " is not secure. Skipping certificate check.", new Object[0]);
            return;
        }
        String str = "https://" + host + TikaCoreProperties.NAMESPACE_PREFIX_DELIMITER + num;
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                SSLContext sSLContext = SSLContext.getInstance("TLS");
                                sSLContext.init(null, new TrustManager[]{new DiagnosticTrustManager()}, null);
                                HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
                                new URL(str).openConnection(this.proxyConf.getProxy(snowflakeEndpoint)).connect();
                                HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
                            } catch (Exception e) {
                                logger.error("Unexpected error occurred when trying to retrieve certificate from: " + host, e);
                                HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
                            }
                        } catch (KeyManagementException e2) {
                            logger.error("Failed to initialize SSLContext", e2);
                            HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
                        }
                    } catch (MalformedURLException e3) {
                        logger.error("Failed to create new URL object: " + str, e3);
                        HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
                    }
                } catch (IOException e4) {
                    logger.error("Failed to open a connection to: " + str, e4);
                    HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
                }
            } catch (NoSuchAlgorithmException e5) {
                logger.error("None of the security provider's implementation of SSLContextSpi supports TLS", e5);
                HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
            }
        } catch (Throwable th) {
            HttpsURLConnection.setDefaultSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
            throw th;
        }
    }
}
