sslProperties.getTrustStorePass().ifPresent(pass->sslContext.setTrustStorePass(pass));
/** * Start SSL-secured HTTP test server. * * @throws IOException in case there is an error while reading server key store or trust store. * @return an instance of the started SSL-secured HTTP test server. */ public static Server start() throws IOException { // Grizzly ssl configuration SSLContextConfigurator sslContext = new SSLContextConfigurator(); // set up security context sslContext.setKeyStoreFile(KEYSTORE_SERVER_FILE); // contains server keypair sslContext.setKeyStorePass(KEYSTORE_SERVER_PWD); sslContext.setTrustStoreFile(TRUSTORE_SERVER_FILE); // contains client certificate sslContext.setTrustStorePass(TRUSTORE_SERVER_PWD); ResourceConfig rc = new ResourceConfig(); rc.registerClasses(RootResource.class, SecurityFilter.class, AuthenticationExceptionMapper.class); final HttpServer grizzlyServer = GrizzlyHttpServerFactory.createHttpServer( getBaseURI(), rc, true, new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true) ); // start Grizzly embedded server // LOGGER.info("Jersey app started. Try out " + BASE_URI + "\nHit CTRL + C to stop it..."); grizzlyServer.start(); return new Server(grizzlyServer); }
/** * Initialize server side SSL configuration. * * @return server side {@link SSLEngineConfigurator}. */ private static SSLEngineConfigurator initializeSSL() { // Initialize SSLContext configuration SSLContextConfigurator sslContextConfig = new SSLContextConfigurator(); // Set key store ClassLoader cl = SSLEchoServer.class.getClassLoader(); URL cacertsUrl = cl.getResource("ssltest-cacerts.jks"); if (cacertsUrl != null) { sslContextConfig.setTrustStoreFile(cacertsUrl.getFile()); sslContextConfig.setTrustStorePass("changeit"); } // Set trust store URL keystoreUrl = cl.getResource("ssltest-keystore.jks"); if (keystoreUrl != null) { sslContextConfig.setKeyStoreFile(keystoreUrl.getFile()); sslContextConfig.setKeyStorePass("changeit"); } // Create SSLEngine configurator return new SSLEngineConfigurator(sslContextConfig.createSSLContext(), false, false, false); } }
/** * Initialize server side SSL configuration. * * @return server side {@link SSLEngineConfigurator}. */ private static SSLEngineConfigurator initializeSSL() { // Initialize SSLContext configuration SSLContextConfigurator sslContextConfig = new SSLContextConfigurator(); // Set key store ClassLoader cl = SSLEchoClient.class.getClassLoader(); URL cacertsUrl = cl.getResource("ssltest-cacerts.jks"); if (cacertsUrl != null) { sslContextConfig.setTrustStoreFile(cacertsUrl.getFile()); sslContextConfig.setTrustStorePass("changeit"); } // Set trust store URL keystoreUrl = cl.getResource("ssltest-keystore.jks"); if (keystoreUrl != null) { sslContextConfig.setKeyStoreFile(keystoreUrl.getFile()); sslContextConfig.setKeyStorePass("changeit"); } // Create SSLEngine configurator return new SSLEngineConfigurator(sslContextConfig.createSSLContext(), false, false, false); } }
sslCon.setTrustStorePass(truststorePassword);
private SSLContextConfigurator createSSLContextConfigurator() { SSLContextConfigurator sslContextConfigurator = new SSLContextConfigurator(); ClassLoader cl = getClass().getClassLoader(); // override system properties URL cacertsUrl = cl.getResource("ssltest-cacerts.jks"); if (cacertsUrl != null) { sslContextConfigurator.setTrustStoreFile(cacertsUrl.getFile()); sslContextConfigurator.setTrustStorePass("changeit"); } // override system properties URL keystoreUrl = cl.getResource("ssltest-keystore.jks"); if (keystoreUrl != null) { sslContextConfigurator.setKeyStoreFile(keystoreUrl.getFile()); sslContextConfigurator.setKeyStorePass("changeit"); } return sslContextConfigurator; }
SSLContextConfigurator sslContextConfigurator = new SSLContextConfigurator(); // set up security context sslContextConfigurator.setKeyStoreFile(configuration.getKeystore()); // contains the server keypair sslContextConfigurator.setKeyStorePass(configuration.getKeystorePassword()); sslContextConfigurator.setKeyStoreType(configuration.getKeystoreType()); sslContextConfigurator.setKeyPass(configuration.getKeystoreKeypass()); sslContextConfigurator.setTrustStoreFile(configuration.getTruststore()); // contains the list of trusted certificates sslContextConfigurator.setTrustStorePass(configuration.getTruststorePassword()); sslContextConfigurator.setTrustStoreType(configuration.getTruststoreType()); if (!sslContextConfigurator.validateConfiguration(true)) throw new Exception("Invalid SSL configuration");
@SuppressWarnings("squid:S2177") private SSLContextConfigurator getSslConfig() throws IOException { SSLContextConfigurator defaultConfig = SSLContextConfigurator.DEFAULT_CONFIG; if (!defaultConfig.validateConfiguration(true)) { String keystoreServer = createCertificateStore("keystore_server"); String truststoreServer = createCertificateStore("truststore_server"); defaultConfig.setKeyStoreFile(keystoreServer); defaultConfig.setKeyStorePass("secret"); defaultConfig.setTrustStoreFile(truststoreServer); defaultConfig.setTrustStorePass("secret"); } return defaultConfig; }
private SSLContextConfigurator getSslConfig() throws IOException { if(SSLContextConfigurator.DEFAULT_CONFIG.validateConfiguration(true)) { return SSLContextConfigurator.DEFAULT_CONFIG; } SSLContextConfigurator defaultConfig = SSLContextConfigurator.DEFAULT_CONFIG; String keystore_server = createCertificateStore("keystore_server"); String truststore_server = createCertificateStore("truststore_server"); defaultConfig.setKeyStoreFile(keystore_server); defaultConfig.setKeyStorePass("secret"); defaultConfig.setTrustStoreFile(truststore_server); defaultConfig.setTrustStorePass("secret"); return defaultConfig; }
sslProperties.getTrustStorePass().ifPresent(pass->sslContext.setTrustStorePass(pass));
sslProperties.getTrustStorePass().ifPresent(pass->sslContext.setTrustStorePass(pass));
private static SSLEngineConfigurator createSSLConfig() throws Exception { final SSLContextConfigurator sslContextConfigurator = new SSLContextConfigurator(); final ClassLoader cl = GrizzlyFeedableBodyGeneratorTest.class.getClassLoader(); // override system properties final URL cacertsUrl = cl.getResource("ssltest-cacerts.jks"); if (cacertsUrl != null) { sslContextConfigurator.setTrustStoreFile(cacertsUrl.getFile()); sslContextConfigurator.setTrustStorePass("changeit"); } // override system properties final URL keystoreUrl = cl.getResource("ssltest-keystore.jks"); if (keystoreUrl != null) { sslContextConfigurator.setKeyStoreFile(keystoreUrl.getFile()); sslContextConfigurator.setKeyStorePass("changeit"); } return new SSLEngineConfigurator( sslContextConfigurator.createSSLContext(false), false, false, false); }
if (cacerts != null) { sslContextConfigurator.setTrustStoreFile(cacerts.getAbsolutePath()); sslContextConfigurator.setTrustStorePass(TRUSTSTORE_PASSWORD);
if (cacerts != null) { sslContextConfigurator.setTrustStoreFile(cacerts.getAbsolutePath()); sslContextConfigurator.setTrustStorePass(TRUSTSTORE_PASSWORD);
private static SSLContextConfigurator createSSLContextConfigurator() { SSLContextConfigurator sslContextConfigurator = new SSLContextConfigurator(); ClassLoader cl = SNITest.class.getClassLoader(); // override system properties URL cacertsUrl = cl.getResource("ssltest-cacerts.jks"); if (cacertsUrl != null) { sslContextConfigurator.setTrustStoreFile(cacertsUrl.getFile()); sslContextConfigurator.setTrustStorePass("changeit"); } // override system properties URL keystoreUrl = cl.getResource("ssltest-keystore.jks"); if (keystoreUrl != null) { sslContextConfigurator.setKeyStoreFile(keystoreUrl.getFile()); sslContextConfigurator.setKeyStorePass("changeit"); } return sslContextConfigurator; } }
sslContext.setKeyStorePass("password"); sslContext.setTrustStoreFile("path_to_my_truststore"); sslContext.setTrustStorePass("password"); sslContext.setSecurityProtocol("TLSv1.2"); SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext);
sslContextConfigurator.setTrustStorePass(serverConfig.sslTrustStorePass);