/** * Enables HTTPS for the given {@link NettyHttpService.Builder} based on the configuration in this class. * * @param builder the builder to update * @param <T> type of the builder * @return the builder from the parameter * @throws IllegalArgumentException if keystore is missing * @throws RuntimeException if failed to enable HTTPS */ public <T extends NettyHttpService.Builder> T enable(T builder) { try { KeyManagerFactory kmf = keyManagerFactory; if (kmf == null) { throw new IllegalArgumentException("Missing keystore to enable HTTPS for NettyHttpService"); } // Initialize the SslContext to work with our key managers. SslContextBuilder contextBuilder = SslContextBuilder.forServer(kmf); TrustManagerFactory tmf = this.trustManagerFactory; boolean hasTrustManager = tmf != null && tmf != InsecureTrustManagerFactory.INSTANCE; if (hasTrustManager) { contextBuilder = contextBuilder.trustManager(tmf); } builder.enableSSL(new CustomSSLHandlerFactory(contextBuilder.build(), hasTrustManager)); return builder; } catch (SSLException e) { throw new RuntimeException("Failed to enable HTTPS for NettyHttpService", e); } }
@Override void addSSLConfig(NettyHttpService.Builder builder, Configuration conf) { boolean enableSSL = conf.getBoolean(Constants.EXTERNAL_ENABLE_SSL); if (enableSSL) { builder.enableSSL(getSSLConfig(conf, Constants.EXTERNAL_SSL_KEYSTORE_PATH, Constants.EXTERNAL_SSL_KEYSTORE_PASSWORD, Constants.EXTERNAL_SSL_KEYPASSWORD, Constants.EXTERNAL_SSL_TRUST_KEYSTORE_PATH, Constants.EXTERNAL_SSL_TRUST_KEYPASSWORD)); } } }
@Override void addSSLConfig(NettyHttpService.Builder builder, Configuration conf) { boolean enableSSL = conf.getBoolean(Constants.INTERNAL_ENABLE_SSL); if (enableSSL) { builder.enableSSL(getSSLConfig(conf, Constants.INTERNAL_SSL_KEYSTORE_PATH, Constants.INTERNAL_SSL_KEYSTORE_PASSWORD, Constants.INTERNAL_SSL_KEYPASSWORD, Constants.INTERNAL_SSL_TRUST_KEYSTORE_PATH, Constants.INTERNAL_SSL_TRUST_KEYPASSWORD)); } } }
/** * Enable SSL by using the provided SSL information. * * @param sslConfig the SSL configuration * @return instance of {@code Builder}. */ public Builder enableSSL(SSLConfig sslConfig) { return enableSSL(new SSLHandlerFactory(sslConfig)); }