/** * @return instance of {@code SSLConfig} */ public SSLConfig build() { if (keyStore == null) { throw new IllegalArgumentException("Certificate File Not Configured"); } if (keyStorePassword == null) { throw new IllegalArgumentException("KeyStore Password Not Configured"); } return new SSLConfig(keyStore, keyStorePassword, certificatePassword, trustKeyStore, trustKeyStorePassword); } }
public SSLHandlerFactory(SSLConfig sslConfig) { String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm"); if (algorithm == null) { algorithm = "SunX509"; } try { KeyStore ks = getKeyStore(sslConfig.getKeyStore(), sslConfig.getKeyStorePassword()); // Set up key manager factory to use our key store KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(ks, sslConfig.getCertificatePassword() != null ? sslConfig.getCertificatePassword().toCharArray() : sslConfig.getKeyStorePassword().toCharArray()); SslContextBuilder builder = SslContextBuilder.forServer(kmf); if (sslConfig.getTrustKeyStore() != null) { this.needClientAuth = true; KeyStore tks = getKeyStore(sslConfig.getTrustKeyStore(), sslConfig.getTrustKeyStorePassword()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm); tmf.init(tks); builder.trustManager(tmf); } this.sslContext = builder.build(); } catch (Exception e) { throw new IllegalArgumentException("Failed to initialize the server-side SSLContext", e); } }
SSLConfig getSSLConfig(Configuration conf, String keyStorePathKey, String keyStorePasswordKey, String keyPasswordKey, String trustKeyStorePathKey, String trustKeyPasswordKey) { String keyStoreFilePath = conf.get(keyStorePathKey); Preconditions.checkArgument(keyStoreFilePath != null, String.format("%s is not specified.", keyStorePathKey)); File keyStore = new File(keyStoreFilePath); SSLConfig.Builder builder = SSLConfig.builder(keyStore, conf.get(keyStorePasswordKey)) .setCertificatePassword(conf.get(keyPasswordKey)); String trustKeyStoreFilePath = conf.get(trustKeyStorePathKey); if (trustKeyStoreFilePath == null) { return builder.build(); } return builder.setTrustKeyStore(new File(trustKeyStoreFilePath)) .setTrustKeyStorePassword(conf.get(trustKeyPasswordKey)).build(); }
+ sConf.get(Constants.Security.Router.SSL_KEYSTORE_PATH)); SSLConfig sslConfig = SSLConfig.builder(keystore, sConf.get(Constants.Security.Router.SSL_KEYSTORE_PASSWORD)) .setCertificatePassword(sConf.get(Constants.Security.Router.SSL_KEYPASSWORD)) .build();