@Override public void customize(Undertow.Builder builder) { try { SSLContext sslContext = SSLContext.getInstance(this.ssl.getProtocol()); sslContext.init(getKeyManagers(this.ssl, this.sslStoreProvider), getTrustManagers(this.ssl, this.sslStoreProvider), null); builder.addHttpsListener(this.port, getListenAddress(), sslContext); builder.setSocketOption(Options.SSL_CLIENT_AUTH_MODE, getSslClientAuthMode(this.ssl)); if (this.ssl.getEnabledProtocols() != null) { builder.setSocketOption(Options.SSL_ENABLED_PROTOCOLS, Sequence.of(this.ssl.getEnabledProtocols())); } if (this.ssl.getCiphers() != null) { builder.setSocketOption(Options.SSL_ENABLED_CIPHER_SUITES, Sequence.of(this.ssl.getCiphers())); } } catch (NoSuchAlgorithmException | KeyManagementException ex) { throw new IllegalStateException(ex); } }
protected SslContextBuilder getContextBuilder() { SslContextBuilder builder = SslContextBuilder .forServer(getKeyManagerFactory(this.ssl, this.sslStoreProvider)) .trustManager(getTrustManagerFactory(this.ssl, this.sslStoreProvider)); if (this.ssl.getEnabledProtocols() != null) { builder.protocols(this.ssl.getEnabledProtocols()); } if (this.ssl.getCiphers() != null) { builder.ciphers(Arrays.asList(this.ssl.getCiphers())); } if (this.ssl.getClientAuth() == Ssl.ClientAuth.NEED) { builder.clientAuth(ClientAuth.REQUIRE); } else if (this.ssl.getClientAuth() == Ssl.ClientAuth.WANT) { builder.clientAuth(ClientAuth.OPTIONAL); } return builder; }
final String[] ciphers = ssl.getCiphers(); if (ciphers != null) { sslBuilder.ciphers(ImmutableList.copyOf(ciphers));
configureSslPasswords(factory, ssl); factory.setCertAlias(ssl.getKeyAlias()); if (!ObjectUtils.isEmpty(ssl.getCiphers())) { factory.setIncludeCipherSuites(ssl.getCiphers()); factory.setExcludeCipherSuites();
protocol.setKeyPass(ssl.getKeyPassword()); protocol.setKeyAlias(ssl.getKeyAlias()); String ciphers = StringUtils.arrayToCommaDelimitedString(ssl.getCiphers()); if (StringUtils.hasText(ciphers)) { protocol.setCiphers(ciphers);
scsp.setSecureSocketProtocols(sspp); CipherSuitesParameters csp = new CipherSuitesParameters(); csp.setCipherSuite(Arrays.asList(sslConfig.getCiphers())); scsp.setCipherSuites(csp);