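/**
 * Builds a server-side {@link SslContext} backed by a freshly generated self-signed certificate.
 *
 * <p>A self-signed certificate cannot be validated against a trusted CA, so the returned context
 * is appropriate for tests and local development only.
 *
 * <p>{@link SelfSignedCertificate} exposes the certificate and private key as temporary files.
 * They are removed as soon as the context has been built so the key material does not stay on
 * disk for the lifetime of the process.
 *
 * @param sslProvider the SSL implementation the context should use
 * @return a server {@link SslContext} using the generated certificate and key
 * @throws CertificateException if the self-signed certificate cannot be generated
 * @throws SSLException if the context cannot be built
 */
public static SslContext build(SslProvider sslProvider) throws CertificateException, SSLException {
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    try {
        return SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
                .sslProvider(sslProvider)
                .build();
    } finally {
        // build() has already loaded the key material; drop the temporary key/cert files.
        ssc.delete();
    }
}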
/**
 * Returns the generated {@link X509Certificate}.
 *
 * <p>{@code ensureCertificate()} runs first; presumably it creates the certificate on first use
 * (its body is not visible here).
 */
public X509Certificate certificate() {
    ensureCertificate();
    final X509Certificate generated = certificate.cert();
    return generated;
}
/**
 * Enables SSL/TLS for this {@link VirtualHost} using a self-signed certificate that is generated
 * on the fly for {@code defaultHostname}.
 *
 * <p><strong>Note:</strong> Use this for testing only, never in production. Clients cannot verify
 * a self-signed certificate against a trusted CA, so it provides no server authentication.
 *
 * @throws SSLException if TLS cannot be configured with the generated certificate
 * @throws CertificateException if the self-signed certificate cannot be generated
 */
public B tlsSelfSigned() throws SSLException, CertificateException {
    final SelfSignedCertificate selfSigned = new SelfSignedCertificate(defaultHostname);
    return tls(selfSigned.certificate(), selfSigned.privateKey());
}
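/**
 * Starts a {@code SecureChatServer} on the port passed as the single command-line argument and
 * blocks until the server channel is closed.
 *
 * <p>TLS uses a self-signed certificate generated at startup. Clients cannot validate it against
 * a trusted CA, so this entry point is suitable for demos and tests only. The temporary key and
 * certificate files are deleted once the context has been created, so the private key does not
 * remain on disk while the server runs.
 *
 * @param args exactly one element: the TCP port to listen on
 * @throws Exception if the certificate or SSL context cannot be created, or the port is not a
 *     valid integer
 */
public static void main(String[] args) throws Exception {
    if (args.length != 1) {
        System.err.println("Please give port as argument");
        System.exit(1);
    }
    int port = Integer.parseInt(args[0]);

    SelfSignedCertificate cert = new SelfSignedCertificate();
    SslContext context;
    try {
        context = SslContext.newServerContext(cert.certificate(), cert.privateKey());
    } finally {
        // The context holds the loaded key material; the temporary files are no longer needed.
        cert.delete();
    }

    final SecureChatServer endpoint = new SecureChatServer(context);
    ChannelFuture future = endpoint.start(new InetSocketAddress(port));

    // Release server resources when the JVM shuts down.
    Runtime.getRuntime().addShutdownHook(new Thread() {
        @Override
        public void run() {
            endpoint.destroy();
        }
    });
    future.channel().closeFuture().syncUninterruptibly();
}
} // closes the enclosing class, which is opened outside this excerpt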
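/**
 * Boots the Netty server on {@code PORT} and blocks until its channel is closed.
 *
 * <p>When {@code SSL} is set, TLS is configured with a self-signed certificate generated at
 * startup; clients cannot validate it against a trusted CA, so this is for testing only. The
 * temporary key and certificate files are deleted right after the context is created. When
 * {@code SSL} is not set, the initializer receives {@code null} and the server runs without TLS.
 *
 * <p>The event loop groups created here are not shut down by this method.
 *
 * @throws CertificateException if the self-signed certificate cannot be generated
 * @throws SSLException if the SSL context cannot be created
 * @throws InterruptedException if the thread is interrupted while binding or waiting for close
 */
public static void start() throws CertificateException, SSLException, InterruptedException {
    // Configure SSL.
    final SslContext sslCtx;
    if (SSL) {
        SelfSignedCertificate ssc = new SelfSignedCertificate();
        try {
            sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
        } finally {
            // Key material is loaded into the context; remove the temporary files.
            ssc.delete();
        }
    } else {
        sslCtx = null;
    }

    bossGroup = new NioEventLoopGroup(1);
    workerGroup = new NioEventLoopGroup();
    ServerBootstrap b = new ServerBootstrap();
    b.group(bossGroup, workerGroup)
            .channel(NioServerSocketChannel.class)
            .handler(new LoggingHandler(LogLevel.INFO))
            .childHandler(new ExtractorServerInitializer(sslCtx));

    // Bind, then wait until the server channel is closed.
    b.bind(PORT).sync().channel().closeFuture().sync();
}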
// Excerpt from a server start-up routine; parts of the original are elided, so it does not
// compile as shown.
//
// TLS is backed by a self-signed certificate generated on every start. Peers cannot validate
// it against a trusted CA, so it only gives encryption without server authentication.
// NOTE(review): the temporary key/cert files are not deleted anywhere in the visible lines;
// confirm whether ssc.delete() is called later.
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslContext = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
ServerBootstrap serverBootstrap = new ServerBootstrap()
        .group(bossGroup, workerGroup)
        .option(ChannelOption.ALLOCATOR, ByteBufAllocator.DEFAULT)
        .option(ChannelOption.AUTO_READ, true)
/* (remaining bootstrap configuration elided in this excerpt) */
CloudNet.getLogger().debug("Try to bind to " + connectableAddress.getHostName() + ":" + connectableAddress.getPort() + "...");
// Bind to the configured address; the listeners report a failed bind, close the channel on
// failure and propagate the exception through the pipeline.
ChannelFuture channelFuture = serverBootstrap.bind(connectableAddress.getHostName(), connectableAddress.getPort()).addListener(new ChannelFutureListener() {
    @Override
    public void operationComplete(ChannelFuture channelFuture) throws Exception
    /* (success/failure branching elided in this excerpt) */
    System.out.println("Failed to bind @" + connectableAddress.getHostName() + ":" + connectableAddress.getPort());
}).addListener(ChannelFutureListener.CLOSE_ON_FAILURE).addListener(ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE);
// Waits for the bind to complete. The close future is obtained here but not awaited.
channelFuture.sync().channel().closeFuture();
} catch (Exception ex)
// Server TLS backed by a throwaway self-signed certificate. Peers cannot validate it against a
// trusted CA, so treat this as a test/development configuration.
// NOTE(review): the temporary key/cert files are not deleted in the visible lines; confirm
// whether ssc.delete() is called later.
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslContext = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();

// One thread for the boss group; 0 for the worker group leaves the thread count to Netty.
bossGroup = new NioEventLoopGroup(1, new NamedThreadFactory("primary-run"));
workerGroup = new NioEventLoopGroup(0, new NamedThreadFactory("primary"));

b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
        .channel(NioServerSocketChannel.class)
        .option(ChannelOption.SO_REUSEADDR, true);
// Excerpt from a server start-up routine; several lines of the original are elided, so the
// braces below do not balance as shown.
//
// NOTE(review): the configured cipher list is logged at SEVERE although nothing visible here
// indicates an error; confirm the intended level.
LOGGER.log(Level.SEVERE, "required sslCiphers " + sslCiphers);
// TLS uses a self-signed certificate restricted to the configured cipher suites. Peers cannot
// validate such a certificate against a trusted CA.
SelfSignedCertificate ssc = new SelfSignedCertificate();
try {
    sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).ciphers(sslCiphers).build();
} finally {
    // Remove the temporary key/cert files whether or not the context was built, so the
    // private key does not remain on disk.
    ssc.delete();
/* (lines elided in this excerpt: end of the finally block and the epoll branch) */
    LOGGER.log(Level.FINE, "Using netty-native-epoll network type");
} else {
    // NIO fallback: both groups are sized with workerThreads.
    bossGroup = new NioEventLoopGroup(workerThreads);
    workerGroup = new NioEventLoopGroup(workerThreads);
    LOGGER.log(Level.FINE, "Using nio network type");
/* (closing brace of the else branch elided in this excerpt) */
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
        .channel(NetworkUtils.isEnableEpoolNative() ? EpollServerSocketChannel.class : NioServerSocketChannel.class)
        .childHandler(channelInitialized)
        .option(ChannelOption.SO_BACKLOG, 128);
// Bind the network listener and wait for the bind to complete.
ChannelFuture f = b.bind(address).sync();
this.channel = f.channel();
// Register and bind an in-VM local endpoint keyed by host, port and the ssl flag.
// (b_local is configured outside this excerpt.)
LocalServerRegistry.registerLocalServer(hostAddress, port, ssl);
ChannelFuture local_f = b_local.bind(new LocalAddress(hostAddress + ":" + port + ":" + ssl)).sync();
this.local_channel = local_f.channel();
// Excerpt from a server start-up routine; parts of the original are elided, so the braces
// below do not balance as shown.
try{
    // With no SSLSettings supplied, a self-signed certificate is generated and used instead.
    // NOTE(review): this fallback is silent in the visible lines. A deployment that forgot to
    // configure a real certificate would come up with one that clients cannot validate;
    // consider logging or failing instead. Confirm against the full source.
    if(sslSettings==null){
        SelfSignedCertificate ssc = new SelfSignedCertificate();
        sslSettings = new SSLSettings().keyFile(ssc.privateKey()).certificateFile(ssc.certificate());
    /* (closing brace of the if block presumably elided here) */
    // Server context from the configured (or generated) certificate and key, with the requested
    // client-auth mode and the configured trust chain for verifying client certificates.
    // NOTE(review): in the self-signed branch trustCertChainFile is not set in the visible
    // lines; verify what clientAuth is checked against in that case.
    sslContext = SslContextBuilder.forServer(sslSettings.certificateFile, sslSettings.keyFile, sslSettings.keyPassword)
            .clientAuth(clientAuth)
            .trustManager(sslSettings.trustCertChainFile)
            .build();
}catch(Throwable thr){
/* (catch body elided in this excerpt) */
// Default port when none was given (-1): 80 without TLS, 443 with TLS.
if(port==-1)
    port = sslContext==null ? 80 : 443;
ServerBootstrap bootstrap = new ServerBootstrap()
        .group(eventLoopGroup)
        .channel(NioServerSocketChannel.class)
        .childOption(ChannelOption.ALLOCATOR, PooledByteBufAllocator.DEFAULT)
        .childOption(ChannelOption.MAX_MESSAGES_PER_READ, 50000)
/* (remaining bootstrap configuration elided in this excerpt) */
bootstrap.bind(uri.getHost(), port).addListener(new ChannelFutureListener(){
    @Override
    public void operationComplete(ChannelFuture future) throws Exception{
// Excerpt; the bootstrap chain continues past the last visible line.
//
// Server TLS backed by a throwaway self-signed certificate, passed to the builder through the
// key()/cert() accessors. Peers cannot validate such a certificate against a trusted CA, so
// treat this as a test/development configuration.
// NOTE(review): no ssc.delete() is visible here; confirm whether the generated temporary files
// are cleaned up elsewhere.
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslContext = SslContextBuilder.forServer(ssc.key(), ssc.cert()).build();
serverBootstrap = new ServerBootstrap()
        .group(acceptorGroup, workerGroup)
        .childOption(ChannelOption.IP_TOS, 24)
        .childOption(ChannelOption.TCP_NODELAY, true)
        .childOption(ChannelOption.AUTO_READ, true)
/**
 * Checks an HTTPS round trip: the server echoes {@code "hello "} followed by the request URI and
 * the client must receive {@code "hello /foo"} for a GET on {@code /foo}.
 *
 * <p>The server uses a self-signed certificate, and the client uses
 * {@link InsecureTrustManagerFactory}, which performs no certificate verification. That pairing
 * is acceptable only inside a test like this one.
 */
@Test
public void sslExchangeAbsoluteGet() throws CertificateException, SSLException {
    SelfSignedCertificate selfSigned = new SelfSignedCertificate();
    SslContext serverTls =
            SslContextBuilder.forServer(selfSigned.certificate(), selfSigned.privateKey()).build();
    // Trust-all client context: test-only, never reuse outside tests.
    SslContext clientTls = SslContextBuilder.forClient()
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .build();

    DisposableServer server = HttpServer.create()
            .secure(spec -> spec.sslContext(serverTls))
            .handle((request, response) -> response.sendString(Flux.just("hello ", request.uri())))
            .wiretap(true)
            .bindNow();

    String body = createHttpClientForContextWithAddress(server)
            .secure(spec -> spec.sslContext(clientTls))
            .get()
            .uri("/foo")
            .responseSingle((status, content) -> content.asString(CharsetUtil.UTF_8))
            .block();
    server.disposeNow();

    assertThat(body).isEqualTo("hello /foo");
}
// Excerpt; the enclosing method and the end of the server-side chain are outside the visible
// lines.
if (tlsTestModeEnable) {
    // Test mode: the client context trusts every certificate, so no peer verification takes
    // place. This flag must stay disabled outside test environments.
    return SslContextBuilder
            .forClient()
            .sslProvider(SslProvider.JDK)
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .build();
} else {
    // Server context backed by a throwaway self-signed certificate; client certificates are
    // requested but not required (ClientAuth.OPTIONAL).
    // NOTE(review): no trust manager is configured in the visible lines; confirm what client
    // certificates are validated against.
    SelfSignedCertificate selfSignedCertificate = new SelfSignedCertificate();
    return SslContextBuilder
            .forServer(selfSignedCertificate.certificate(), selfSignedCertificate.privateKey())
            .sslProvider(SslProvider.JDK)
            .clientAuth(ClientAuth.OPTIONAL)
// Excerpt; the surrounding try block and the second builder chain are only partly visible.
//
// Self-signed path: builds a server context from a freshly generated certificate. Peers cannot
// validate it against a trusted CA.
// NOTE(review): the temporary key/cert files are not deleted in the visible lines.
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    return Optional.of(SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build());
} catch (CertificateException | SSLException e) {
    // Both failure modes are wrapped with the original exception kept as the cause.
    throw new SslConfigurationException("Encountered an error while building a self signed certificate", e);
/* (lines elided in this excerpt) */
// Tail of a separate builder chain that uses the configured key and trust manager factories
// instead of a self-signed certificate.
        .forServer(getKeyManagerFactory())
        .trustManager(getTrustManagerFactory());
/**
 * Creates a TLS-capable {@link ServiceClient} for the given host, attaches it, and points the
 * host at a freshly generated self-signed certificate and private key.
 *
 * <p>Both client-side contexts use {@link InsecureTrustManagerFactory}, which accepts any server
 * certificate without verification. Together with the self-signed server certificate this is a
 * test-only setup and must not be reused for real deployments.
 *
 * @param h the host that receives the client and the certificate/key file references
 * @throws Throwable if the client, an SSL context or the certificate cannot be created
 */
public static void createAndAttachSSLClient(ServiceHost h) throws Throwable {
    // A random user agent makes the client look like an external, non-Xenon caller, which lets
    // tests validate host-to-host communication from such a source.
    String randomUserAgent = UUID.randomUUID().toString();
    ServiceClient client =
            NettyHttpServiceClient.create(randomUserAgent, null, h.getScheduledExecutor(), h);

    if (NettyChannelContext.isALPNEnabled()) {
        // HTTP/2 client context negotiated through ALPN; trust-all, test use only.
        SslContext http2Tls = SslContextBuilder.forClient()
                .trustManager(InsecureTrustManagerFactory.INSTANCE)
                .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
                .applicationProtocolConfig(new ApplicationProtocolConfig(
                        ApplicationProtocolConfig.Protocol.ALPN,
                        ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
                        ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
                        ApplicationProtocolNames.HTTP_2))
                .build();
        NettyHttpServiceClient nettyClient = (NettyHttpServiceClient) client;
        nettyClient.setHttp2SslContext(http2Tls);
    }

    // JDK SSLContext for the non-HTTP/2 path, also with the trust-all trust managers.
    SSLContext jdkTls = SSLContext.getInstance(ServiceClient.TLS_PROTOCOL_NAME);
    jdkTls.init(null, InsecureTrustManagerFactory.INSTANCE.getTrustManagers(), null);
    client.setSSLContext(jdkTls);
    h.setClient(client);

    // Server side: hand the host the generated certificate and key as file URIs.
    SelfSignedCertificate selfSigned = new SelfSignedCertificate();
    h.setCertificateFileReference(selfSigned.certificate().toURI());
    h.setPrivateKeyFileReference(selfSigned.privateKey().toURI());
}
/**
 * Builds the server {@link SslContext}: certificate and key come from {@code ssc} (declared
 * outside this excerpt), the {@code ALPN} protocol config is applied, and peer certificates are
 * trusted through the CA loaded by {@code TestUtils.loadCert("ca.pem")}.
 *
 * @throws Exception if the CA certificate cannot be loaded or the context cannot be built
 */
private SslContext newSslContext() throws Exception {
    return GrpcSslContexts.forServer(ssc.certificate(), ssc.privateKey())
            .applicationProtocolConfig(ALPN)
            .trustManager(TestUtils.loadCert("ca.pem"))
            .build();
}
}; // closes an enclosing declaration that starts outside this excerpt
/**
 * Creates a server {@link SslContextBuilder} that uses a self-signed certificate and applies the
 * protocols, cipher suites and SSL provider from the connector configuration.
 *
 * <p>Clients cannot validate a self-signed certificate against a trusted CA, so callers should
 * treat the result as a test/development configuration.
 *
 * @param httpsConnectorConfig source of the protocol, cipher and provider settings
 * @return the configured builder, not yet built
 */
private static SslContextBuilder sslContextFromSelfSignedCertificate(HttpsConnectorConfig httpsConnectorConfig) {
    SelfSignedCertificate selfSigned = newSelfSignedCertificate();
    SslContextBuilder builder =
            SslContextBuilder.forServer(selfSigned.certificate(), selfSigned.privateKey());
    return builder
            .protocols(toProtocolsOrDefault(httpsConnectorConfig.protocols()))
            .ciphers(toCiphersOrDefault(httpsConnectorConfig.ciphers()))
            .sslProvider(SslProvider.valueOf(httpsConnectorConfig.sslProvider()));
}
/** Loading the PEM file of a self-signed certificate must yield exactly one certificate. */
@Test
void shouldLoadPEMCertificates() throws Throwable {
    // Given a self-signed certificate for example.com and the loader under test
    SelfSignedCertificate selfSigned = new SelfSignedCertificate( "example.com" );
    PkiUtils loader = new PkiUtils();
    File pemFile = selfSigned.certificate();

    // When the PEM file is loaded
    Certificate[] loaded = loader.loadCertificates( pemFile );

    // Then exactly one certificate is returned
    assertThat( loaded.length, equalTo( 1 ) );
}
/**
 * Creates an instance backed by a newly generated Netty self-signed certificate.
 *
 * <p>Self-signed certificates cannot be validated against a trusted CA and are meant for
 * testing.
 *
 * @throws VertxException wrapping the {@link CertificateException} if generation fails
 */
public SelfSignedCertificateImpl() {
    try {
        certificate = new io.netty.handler.ssl.util.SelfSignedCertificate();
    } catch (CertificateException cause) {
        // Surface the checked failure as the unchecked exception, keeping the cause.
        throw new VertxException(cause);
    }
}
/** Loading the PEM private-key file of a self-signed certificate must yield a non-null key. */
@Test
void shouldLoadPEMPrivateKey() throws Throwable {
    // Given a self-signed certificate for example.com and the loader under test
    SelfSignedCertificate selfSigned = new SelfSignedCertificate( "example.com" );
    PkiUtils loader = new PkiUtils();
    File keyFile = selfSigned.privateKey();

    // When the key file is loaded
    PrivateKey loadedKey = loader.loadPrivateKey( keyFile );

    // Then a key is returned
    assertNotNull( loadedKey );
}