@Bean @Profile("production") EmbeddedServletContainerCustomizer containerCustomizer( @Value("${keystore.file}") Resource keystoreFile, @Value("${keystore.pass}") String keystorePass) throws Exception { String absoluteKeystoreFile = keystoreFile.getFile().getAbsolutePath(); return (ConfigurableEmbeddedServletContainer container) -> { TomcatEmbeddedServletContainerFactory tomcat = (TomcatEmbeddedServletContainerFactory) container; tomcat.addConnectorCustomizers( (connector) -> { connector.setPort(8443); connector.setSecure(true); connector.setScheme("https"); Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler(); proto.setSSLEnabled(true); proto.setKeystoreFile(absoluteKeystoreFile); proto.setKeystorePass(keystorePass); proto.setKeystoreType("PKCS12"); proto.setKeyAlias("tomcat"); } ); }; }
@Profile("https") @Bean EmbeddedServletContainerCustomizer https(@Value("${keystore.file}") Resource keystoreFile, @Value("${keystore.pass}") String keystorePass) throws Exception { String absoluteKeystoreFile = keystoreFile.getFile().getAbsolutePath(); return (ConfigurableEmbeddedServletContainer container) -> { if (container instanceof TomcatEmbeddedServletContainerFactory) { TomcatEmbeddedServletContainerFactory tomcat = (TomcatEmbeddedServletContainerFactory) container; tomcat.addConnectorCustomizers( (connector) -> { connector.setPort(8443); connector.setSecure(true); connector.setScheme("https"); Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler(); proto.setSSLEnabled(true); proto.setKeystoreFile(absoluteKeystoreFile); proto.setKeystorePass(keystorePass); proto.setKeystoreType("PKCS12"); proto.setKeyAlias("tomcat"); } ); } }; }
connector.setScheme("https"); Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler(); proto.setSSLEnabled(true); proto.setKeystoreFile(absoluteKeystoreFile); proto.setKeystorePass(keystorePass);
private Connector createSslConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler(); try { File truststore = new File("/Users/liaokailin/software/ca1/keystore"); connector.setScheme("https"); protocol.setSSLEnabled(true); connector.setSecure(true); connector.setPort(8443); protocol.setKeystoreFile(truststore.getAbsolutePath()); protocol.setKeystorePass("123456"); protocol.setKeyAlias("springboot"); return connector; } catch (Exception ex) { throw new IllegalStateException("cant access keystore: [" + "keystore" + "] ", ex); } }
private Connector createSslConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler(); try { File keystore = new ClassPathResource(keystorePath).getFile(); connector.setScheme(HTTPS_SCHEME); connector.setSecure(true); connector.setPort(Integer.parseInt(httpsPort)); protocol.setSSLEnabled(true); protocol.setKeystoreFile(keystore.getAbsolutePath()); protocol.setKeystorePass(keystorePasswd); protocol.setTruststoreFile(keystore.getAbsolutePath()); protocol.setTruststorePass(truststorePasswd); protocol.setKeyAlias(keyAlias); return connector; } catch (IOException ex) { throw new IllegalStateException("cant access keystore: [" + "keystore" + "] or truststore: [" + "keystore" + "]", ex); } } }
/** * Configures ssl connector * * @return */ Connector createSslConnector() { log.info("About to start ssl connector at port {} with {} keystoreFile", tlsPort, keystoreFile); final String absoluteKeystoreFile = new File(keystoreFile).getAbsolutePath(); Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setPort(tlsPort); connector.setSecure(true); connector.setScheme("https"); Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler(); proto.setSSLEnabled(true); proto.setKeystoreFile(absoluteKeystoreFile); proto.setKeystorePass(keystorePass); proto.setKeystoreType("PKCS12"); proto.setSslProtocol("TLSv1.2"); proto.setKeyAlias("tomcat"); return connector; }
@Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory(); tomcat.addConnectorCustomizers((TomcatConnectorCustomizer) connector -> { connector.setScheme("https"); connector.setPort(cfg.getPort()); Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler(); protocol.setSSLEnabled(true); protocol.setSSLCertificateKeyFile(cfg.getKey()); protocol.setSSLCertificateFile(cfg.getCert()); cfg.getChain().ifPresent(protocol::setSSLCertificateChainFile); }); return tomcat; }
private Connector createSslConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler(); try { connector.setScheme("https"); connector.setSecure(true); connector.setPort(tlsPort); File keystore = getKeyStoreFile(); File truststore = keystore; protocol.setSSLEnabled(true); protocol.setKeystoreFile(keystore.getAbsolutePath()); protocol.setKeystorePass(sslKeystorePassword); protocol.setTruststoreFile(truststore.getAbsolutePath()); protocol.setTruststorePass(sslKeystorePassword); protocol.setKeyAlias(sslKeystoreAlias); return connector; } catch (IOException ex) { throw new IllegalStateException( "can't access keystore: [" + "keystore" + "] or truststore: [" + "keystore" + "]", ex); } }
private void customizeConnector(Connector connector, JFrogServerBootstrap bootstrap) { connector.setPort(bootstrap.getHttpPort()); if (!bootstrap.isHttpTlsEnabled()) { return; } connector.setScheme("https"); connector.setSecure(true); Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler(); protocol.setSSLEnabled(true); protocol.setKeystoreType("PKCS12"); protocol.setKeystoreFile(bootstrap.getKeyStoreFile().getAbsolutePath()); protocol.setKeystorePass(bootstrap.getKeyStorePassword()); protocol.setKeyPass(bootstrap.getKeyStorePassword()); protocol.setKeyAlias(bootstrap.getKeyStoreCertificateAlias()); } }
private Connector createSslConnector(EmbeddedArgs args) { System.out.println("Creating SSL connector on port " + args.getSecurePort()); Connector connector = new Connector(Http11NioProtocol.class.getName()); Http11NioProtocol protocol = (Http11NioProtocol)connector.getProtocolHandler(); connector.setScheme("https"); connector.setSecure(true); connector.setPort(args.getSecurePort()); protocol.setSSLEnabled(true); if (EmbeddedUtils.isNotBlank(args.getKeystoreFile())) { protocol.setKeystoreFile(args.getKeystoreFile()); } if (EmbeddedUtils.isNotBlank(args.getKeystorePass())) { protocol.setKeystorePass(args.getKeystorePass()); } if (EmbeddedUtils.isNotBlank(args.getTruststoreFile())) { protocol.setTruststoreFile(args.getTruststoreFile()); } if (EmbeddedUtils.isNotBlank(args.getTruststorePass())) { protocol.setTruststorePass(args.getTruststorePass()); } if (EmbeddedUtils.isNotBlank(args.getKeyAlias())) { protocol.setKeyAlias(args.getKeyAlias()); } return connector; }
private Connector createSslConnector(EmbeddedArgs args) { System.out.println("Creating SSL connector on port " + args.getSecurePort()); Connector connector = new Connector(Http11NioProtocol.class.getName()); Http11NioProtocol protocol = (Http11NioProtocol)connector.getProtocolHandler(); connector.setScheme("https"); connector.setSecure(true); connector.setPort(args.getSecurePort()); protocol.setSSLEnabled(true); if (StringUtils.isNotBlank(args.getKeystoreFile())) { protocol.setKeystoreFile(args.getKeystoreFile()); } if (StringUtils.isNotBlank(args.getKeystorePass())) { protocol.setKeystorePass(args.getKeystorePass()); } if (StringUtils.isNotBlank(args.getTruststoreFile())) { protocol.setTruststoreFile(args.getTruststoreFile()); } if (StringUtils.isNotBlank(args.getTruststorePass())) { protocol.setTruststorePass(args.getTruststorePass()); } if (StringUtils.isNotBlank(args.getKeyAlias())) { protocol.setKeyAlias(args.getKeyAlias()); } return connector; }