HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(Integer.parseInt(globalProps.getProperty("serverPort"))); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath()); sslContextFactory.setKeyStorePassword(globalProps.getProperty("keystorePwd")); sslContextFactory.setKeyManagerPassword(globalProps.getProperty("keystoreManagerPwd")); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); https.setPort(Integer.parseInt(globalProps.getProperty("serverPort"))); server.setConnectors(new Connector[]{https}); } else { http_config.addCustomizer(new org.eclipse.jetty.server.ForwardedRequestCustomizer()); ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config)); http.setPort(Integer.parseInt(globalProps.getProperty("serverPort"))); server.setConnectors(new Connector[]{http});
HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(listenPort); httpConfig.setHeaderCacheSize(DEFAULT_HTTP_MAX_HEADER_SIZE); httpConfig.setRequestHeaderSize(DEFAULT_HTTP_MAX_HEADER_SIZE); if(conf.getBoolean(THRIFT_SSL_ENABLED_KEY, false)) { HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslCtxFactory = new SslContextFactory(); String keystore = conf.get(THRIFT_SSL_KEYSTORE_STORE_KEY); String password = HBaseConfiguration.getPassword(conf, serverConnector = new ServerConnector(httpServer, new SslConnectionFactory(sslCtxFactory, HttpVersion.HTTP_1_1.toString()), new HttpConnectionFactory(httpsConfig)); } else { serverConnector = new ServerConnector(httpServer, new HttpConnectionFactory(httpConfig)); serverConnector.setPort(listenPort); serverConnector.setHost(getBindAddress(conf).getHostAddress()); httpServer.addConnector(serverConnector);
private void setUpSSlServer2() throws Exception { server2 = new Server(); HttpConfiguration https_config = new HttpConfiguration(); https_config.setSecureScheme("https"); https_config.setSecurePort(port2); https_config.setOutputBufferSize(32768); SecureRequestCustomizer src = new SecureRequestCustomizer(); src.setStsMaxAge(2000); src.setStsIncludeSubDomains(true); https_config.addCustomizer(src); SslContextFactory sslContextFactory = new SslContextFactory(); ClassLoader cl = getClass().getClassLoader(); URL cacertsUrl = cl.getResource("ssltest-cacerts.jks"); String trustStoreFile = new File(cacertsUrl.toURI()).getAbsolutePath(); sslContextFactory.setTrustStorePath(trustStoreFile); sslContextFactory.setTrustStorePassword("changeit"); sslContextFactory.setTrustStoreType("JKS"); ServerConnector https_connector = new ServerConnector(server2, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); https_connector.setPort(port2); https_connector.setIdleTimeout(500000); setUpServers(https_connector);
ServerConnector listener = null; String scheme = ep.getScheme(); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setHeaderCacheSize(DEFAULT_MAX_HEADER_SIZE); httpConfig.setResponseHeaderSize(DEFAULT_MAX_HEADER_SIZE); httpConfig.setRequestHeaderSize(DEFAULT_MAX_HEADER_SIZE); listener = new ServerConnector(server.webServer, new HttpConnectionFactory(httpConfig)); } else if ("https".equals(scheme)) { HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslCtxFactory = new SslContextFactory(); sslCtxFactory.setNeedClientAuth(needsClientAuth); sslCtxFactory.setKeyManagerPassword(keyPassword); listener = new ServerConnector(server.webServer, new SslConnectionFactory(sslCtxFactory, HttpVersion.HTTP_1_1.toString()), new HttpConnectionFactory(httpsConfig)); } else { throw new HadoopIllegalArgumentException( listener.setAcceptQueueSize(128); if (Shell.WINDOWS) {
Boolean needClientAuth, Boolean wantClientAuth, Integer headerBufferSize) { SslContextFactory factory = new SslContextFactory(); factory.setExcludeCipherSuites("SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA"); factory.setExcludeProtocols("SSLv3"); factory.setRenegotiationAllowed(false); factory.setKeyStorePath(ksPath); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); if (null != headerBufferSize) { httpsConfig.setRequestHeaderSize(headerBufferSize); ServerConnector sslConnector = new ServerConnector( server, new SslConnectionFactory(factory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig) ); sslConnector.setPort(port); return sslConnector;
protected ServerConnector sslConnector(final Server server) { sslContextFactory = new SslContextFactory(); String keystore; try { keystore = sslKeystore; sslContextFactory.setKeyStorePath(keystore); sslContextFactory.setKeyStorePassword(sslKeystorePassword); sslContextFactory.setKeyManagerPassword(sslKeystorePassword); if (sslTruststore != null) { httpConfig.addCustomizer(new SecureRequestCustomizer()); final ServerConnector serverConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfig)); serverConnector.setIdleTimeout(30000); serverConnector.setHost(host); if (port != -1) { serverConnector.setPort(port);
private Connector sslConnector(Server server) { ensureX509Certificates(); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.setOutputBufferSize(systemEnvironment.get(SystemEnvironment.RESPONSE_BUFFER_SIZE)); httpsConfig.addCustomizer(new SecureRequestCustomizer()); httpsConfig.setSendServerVersion(false); httpsConfig.addCustomizer(new ForwardedRequestCustomizer()); sslContextFactory.setExcludeProtocols(); sslContextFactory.setExcludeCipherSuites(); sslContextFactory.setKeyStorePath(keystore.getPath()); sslContextFactory.setKeyStorePassword(password); sslContextFactory.setKeyManagerPassword(password); LOGGER.info("Excluded protocols: {}", StringUtils.join(goSSLConfig.getProtocolsToBeExcluded(), ",")); LOGGER.info("Renegotiation Allowed: {}", goSSLConfig.isRenegotiationAllowed()); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); https.setHost(systemEnvironment.getListenHost()); https.setPort(systemEnvironment.getSslServerPort()); https.setIdleTimeout(systemEnvironment.get(SystemEnvironment.IDLE_TIMEOUT));
ServerConnector connector = null; HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme(HTTPS); httpConfig.setSecurePort(port); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setCertAlias(sslConfig.getAlias()); sslContextFactory.setNeedClientAuth(sslConfig.isRequireAuth()); logger.debug(sslContextFactory.dump()); httpConfig.addCustomizer(new SecureRequestCustomizer()); connector = new ServerConnector(httpServer, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfig)); connector.setPort(port); } else { connector = new ServerConnector(httpServer, new HttpConnectionFactory(httpConfig)); connector.setPort(port);
HttpConnectionFactory http = new HttpConnectionFactory(httpConfiguration); httpConnector = new ServerConnector(server, http, http2c); } else { httpConnector = new ServerConnector(server, http); httpConnector.setPort(httpConfig.getPort() == null ? ServerConnectorConfig.DEFAULT_HTTP_PORT : httpConfig.getPort()); httpConnector.setHost(httpConfig.getAddress()); HttpConnectionFactory http = new HttpConnectionFactory(httpsConfiguration); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(httpsConfig.getKeystorePath()); sslContextFactory.setKeyStorePassword(httpsConfig.getKeystorePassword()); alpn.setDefaultProtocol(HttpVersion.HTTP_1_1.toString()); SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, alpn.getProtocol()); httpsConnector = new ServerConnector(server, ssl, alpn, h2, http); } else { SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, http.getProtocol()); httpsConnector = new ServerConnector(server, ssl, http);
/** Add HTTPS to a {@link Server}. */ private static ServerConnector httpsConnector(Server server, int httpsPort, String keystore, String certPassword) { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystore); sslContextFactory.setKeyStorePassword(certPassword); SecureRequestCustomizer src = new SecureRequestCustomizer(); src.setStsMaxAge(2000); src.setStsIncludeSubDomains(true); HttpConfiguration https_config = httpConfiguration(); https_config.setSecureScheme(HttpScheme.HTTPS.asString()); https_config.setSecurePort(httpsPort); https_config.addCustomizer(src); // HTTPS Connector ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); sslConnector.setPort(httpsPort); return sslConnector; }
org.apache.commons.configuration.Configuration config = getConfiguration(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(config.getString(KEYSTORE_FILE_KEY, System.getProperty(KEYSTORE_FILE_KEY, DEFAULT_KEYSTORE_FILE_LOCATION))); sslContextFactory.setKeyStorePassword(getPassword(config, KEYSTORE_PASSWORD_KEY)); sslContextFactory.setKeyManagerPassword(getPassword(config, SERVER_CERT_PASSWORD_KEY)); sslContextFactory.setTrustStorePath(config.getString(TRUSTSTORE_FILE_KEY, HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); final int bufferSize = AtlasConfiguration.WEBSERVER_REQUEST_BUFFER_SIZE.getInt(); http_config.setSecurePort(port); http_config.setRequestHeaderSize(bufferSize); http_config.setResponseHeaderSize(bufferSize); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); sslConnector.setPort(port); server.addConnector(sslConnector);
ServerConnector http = new ServerConnector(jetty); http.setPort(port); http.setIdleTimeout(idleTimeout); if (host != null) { http.setHost(host); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(sslPort); httpConfig.setOutputBufferSize(32768); HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(StandaloneHelper.loadKeyStore(this.sslKeystoreUri, this.sslKeystorePassword.toCharArray())); sslContextFactory.setKeyManagerPassword(this.sslKeystorePassword); sslContextFactory.setTrustStore(StandaloneHelper.loadKeyStore(this.sslTruststoreUri, this.sslTruststorePassword.toCharArray())); ServerConnector https = new ServerConnector( jetty, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); https.setPort(sslPort);
srv.addBean(mbContainer); HttpConfiguration httpConfiguration = new HttpConfiguration(); httpConfiguration.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslCtxFactory = new SslContextFactory(); sslCtxFactory.setSslContext(sslContext); sslCtxFactory.setExcludeProtocols(getExcludeProtocols().toArray(new String[]{})); sslCtxFactory.setIncludeProtocols(getIncludeProtocols().toArray(new String[]{})); sslCtxFactory.setExcludeCipherSuites(getExcludeCipherSuites().toArray(new String[]{})); httpConfiguration.setSecurePort(port); httpConfiguration.setSecureScheme("https"); return new ServerConnector(srv, new SslConnectionFactory(sslCtxFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration)); }).orElse( new ServerConnector(srv, new HttpConnectionFactory(httpConfiguration)) ); connector.setPort(port); connector.setHost(host); connector.setReuseAddress(true);
private static Server createServer(Handler handler, int port, KeyStore keyStore, String keyPassword) throws Exception { Server server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setIncludeProtocols("TLSv1.2"); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyManagerPassword(keyPassword); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(port); server.addConnector(sslConnector); server.setHandler(handler); return server; }
final HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSendServerVersion( false ); final ServerConnector httpConnector = new ServerConnector(adminServer, null, null, null, -1, serverThreads, new HttpConnectionFactory(httpConfig)); httpConnector.setHost(bindInterface); httpConnector.setPort(adminPort); adminServer.addConnector(httpConnector); final SslContextFactory sslContextFactory = new EncryptionArtifactFactory( configuration ).getSslContextFactory(); final HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.setSendServerVersion( false ); httpsConfig.setSecureScheme( "https" ); httpsConfig.setSecurePort( adminSecurePort ); httpsConfig.addCustomizer( new SecureRequestCustomizer() ); final HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory( httpsConfig ); final SslConnectionFactory sslConnectionFactory = new SslConnectionFactory( sslContextFactory, org.eclipse.jetty.http.HttpVersion.HTTP_1_1.toString() ); final ServerConnector httpsConnector = new ServerConnector( adminServer, null, null, null, -1, serverThreads, sslConnectionFactory, httpConnectionFactory );
SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(getStorePath("serverKeyStore.jks")); sslContextFactory.setKeyStorePassword("passw0rd"); sslContextFactory.setKeyManagerPassword("passw0rd"); sslContextFactory.setCertAlias("default"); sslContextFactory.setTrustStorePassword("passw0rd"); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector https= new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); https.setPort(endpointURI.getPort());
LOG.info("Setting up HTTPS connector for web server"); final SslContextFactory sslContextFactory = new SslContextFactory(); new java.security.cert.Certificate[] { certificate }); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyStorePassword(keyStorePasswd); final HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); final ServerConnector sslConnector = new ServerConnector(jettyServer, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(config.getInt(DrillOnYarnConfig.HTTP_PORT));
private ServerConnector createHttpsChannelConnector( Server server, HttpConfiguration httpConfig) { httpConfig.setSecureScheme(HTTPS_SCHEME); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector conn = createHttpChannelConnector(server, httpConfig); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setNeedClientAuth(needsClientAuth); sslContextFactory.setKeyManagerPassword(keyPassword); if (keyStore != null) { sslContextFactory.setKeyStorePath(keyStore); sslContextFactory.setKeyStoreType(keyStoreType); sslContextFactory.setKeyStorePassword(keyStorePassword); } if (trustStore != null) { sslContextFactory.setTrustStorePath(trustStore); sslContextFactory.setTrustStoreType(trustStoreType); sslContextFactory.setTrustStorePassword(trustStorePassword); } if(null != excludeCiphers && !excludeCiphers.isEmpty()) { sslContextFactory.setExcludeCipherSuites( StringUtils.getTrimmedStrings(excludeCiphers)); LOG.info("Excluded Cipher List:" + excludeCiphers); } conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString())); return conn; } }
String trustStorePath, String trustStoreData, String trustStorePassword, String[] excludedCipherSuites) throws Exception { SslContextFactory sslContextFactory = new SslContextFactory(); keyManagerPassword = keyStorePassword; sslContextFactory.setTrustAll(true); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyStorePassword(keyStorePassword); if(StringUtils.isBlank(keyManagerPassword)){ ServerConnector connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.toString()), new HttpConnectionFactory() ); connector.setHost(address.getHostName()); connector.setPort(address.getPort());
HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.setSecureScheme("https"); httpsConfig.setSecurePort(httpsPort); httpsConfig.addCustomizer(new SecureRequestCustomizer()); sslConnector = new ServerConnector(server, new ProxyConnectionFactory(), new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); } else { sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(httpsPort); sslConnector.setIdleTimeout(idleTimeout); if (listenHost != null) {