private static TrustManagerFactory getTrustManagerFactory( Ssl ssl, @Nullable SslStoreProvider sslStoreProvider) throws Exception { final KeyStore store; if (sslStoreProvider != null) { store = sslStoreProvider.getTrustStore(); } else { store = loadKeyStore(ssl.getTrustStoreType(), ssl.getTrustStore(), ssl.getTrustStorePassword()); } final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(store); return trustManagerFactory; }
@Override protected URLConnection openConnection(URL url) throws IOException { try { if (KEY_STORE_PATH.equals(url.getPath())) { return new KeyStoreUrlConnection(url, SslStoreProviderUrlStreamHandlerFactory.this.sslStoreProvider .getKeyStore()); } if (TRUST_STORE_PATH.equals(url.getPath())) { return new KeyStoreUrlConnection(url, SslStoreProviderUrlStreamHandlerFactory.this.sslStoreProvider .getTrustStore()); } } catch (Exception ex) { throw new IOException(ex); } throw new IOException("Invalid path: " + url.getPath()); } };
private KeyStore getTrustStore(Ssl ssl, SslStoreProvider sslStoreProvider) throws Exception { if (sslStoreProvider != null) { return sslStoreProvider.getTrustStore(); } return loadKeyStore(ssl.getTrustStoreType(), ssl.getTrustStoreProvider(), ssl.getTrustStore(), ssl.getTrustStorePassword()); }
private KeyStore getTrustStore(Ssl ssl, SslStoreProvider sslStoreProvider) throws Exception { if (sslStoreProvider != null) { return sslStoreProvider.getTrustStore(); } return loadKeyStore(ssl.getTrustStoreType(), ssl.getTrustStoreProvider(), ssl.getTrustStore(), ssl.getTrustStorePassword()); }
protected void configureSslStoreProvider(AbstractHttp11JsseProtocol<?> protocol, SslStoreProvider sslStoreProvider) { Assert.isInstanceOf(Http11NioProtocol.class, protocol, "SslStoreProvider can only be used with Http11NioProtocol"); TomcatURLStreamHandlerFactory instance = TomcatURLStreamHandlerFactory .getInstance(); instance.addUserFactory( new SslStoreProviderUrlStreamHandlerFactory(sslStoreProvider)); try { if (sslStoreProvider.getKeyStore() != null) { protocol.setKeystorePass(""); protocol.setKeystoreFile( SslStoreProviderUrlStreamHandlerFactory.KEY_STORE_URL); } if (sslStoreProvider.getTrustStore() != null) { protocol.setTruststorePass(""); protocol.setTruststoreFile( SslStoreProviderUrlStreamHandlerFactory.TRUST_STORE_URL); } } catch (Exception ex) { throw new WebServerException("Could not load store: " + ex.getMessage(), ex); } }
try { factory.setKeyStore(sslStoreProvider.getKeyStore()); factory.setTrustStore(sslStoreProvider.getTrustStore());