@Override public void customize(Undertow.Builder builder) { try { SSLContext sslContext = SSLContext.getInstance(this.ssl.getProtocol()); sslContext.init(getKeyManagers(this.ssl, this.sslStoreProvider), getTrustManagers(this.ssl, this.sslStoreProvider), null); builder.addHttpsListener(this.port, getListenAddress(), sslContext); builder.setSocketOption(Options.SSL_CLIENT_AUTH_MODE, getSslClientAuthMode(this.ssl)); if (this.ssl.getEnabledProtocols() != null) { builder.setSocketOption(Options.SSL_ENABLED_PROTOCOLS, Sequence.of(this.ssl.getEnabledProtocols())); } if (this.ssl.getCiphers() != null) { builder.setSocketOption(Options.SSL_ENABLED_CIPHER_SUITES, Sequence.of(this.ssl.getCiphers())); } } catch (NoSuchAlgorithmException | KeyManagementException ex) { throw new IllegalStateException(ex); } }
protected SslContextBuilder getContextBuilder() { SslContextBuilder builder = SslContextBuilder .forServer(getKeyManagerFactory(this.ssl, this.sslStoreProvider)) .trustManager(getTrustManagerFactory(this.ssl, this.sslStoreProvider)); if (this.ssl.getEnabledProtocols() != null) { builder.protocols(this.ssl.getEnabledProtocols()); } if (this.ssl.getCiphers() != null) { builder.ciphers(Arrays.asList(this.ssl.getCiphers())); } if (this.ssl.getClientAuth() == Ssl.ClientAuth.NEED) { builder.clientAuth(ClientAuth.REQUIRE); } else if (this.ssl.getClientAuth() == Ssl.ClientAuth.WANT) { builder.clientAuth(ClientAuth.OPTIONAL); } return builder; }
.trustManager(getTrustManagerFactory(ssl, sslStoreProvider)); final String[] enabledProtocols = ssl.getEnabledProtocols(); if (enabledProtocols != null) { sslBuilder.protocols(enabledProtocols.clone());
factory.setExcludeCipherSuites(); if (ssl.getEnabledProtocols() != null) { factory.setIncludeProtocols(ssl.getEnabledProtocols());
protocol.setCiphers(ciphers); if (ssl.getEnabledProtocols() != null) { for (SSLHostConfig sslHostConfig : protocol.findSslHostConfigs()) { sslHostConfig.setProtocols(StringUtils .arrayToCommaDelimitedString(ssl.getEnabledProtocols()));
sspp.setSecureSocketProtocol(Arrays.asList(sslConfig.getEnabledProtocols())); scsp.setSecureSocketProtocols(sspp); CipherSuitesParameters csp = new CipherSuitesParameters();