本文整理汇总了Java中io.netty.handler.ssl.SslContextBuilder.forClient方法的典型用法代码示例。如果您正苦于以下问题:Java SslContextBuilder.forClient方法的具体用法?Java SslContextBuilder.forClient怎么用?Java SslContextBuilder.forClient使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类io.netty.handler.ssl.SslContextBuilder
的用法示例。
在下文中一共展示了SslContextBuilder.forClient方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: shouldEnableSslWithSslContextProgrammaticallySpecified
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
@Test
public void shouldEnableSslWithSslContextProgrammaticallySpecified() throws Exception {
// just for testing - this is not good for production use
final SslContextBuilder builder = SslContextBuilder.forClient();
builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
builder.sslProvider(SslProvider.JDK);
final Cluster cluster = Cluster.build().enableSsl(true).sslContext(builder.build()).create();
final Client client = cluster.connect();
try {
// this should return "nothing" - there should be no exception
assertEquals("test", client.submit("'test'").one().getString());
} finally {
cluster.close();
}
}
示例2: getUpstreamServerSslContext
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
/**
* Creates a netty SslContext for use when connecting to upstream servers. Retrieves the list of trusted root CAs
* from the trustSource. When trustSource is true, no upstream certificate verification will be performed.
* <b>This will make it possible for attackers to MITM communications with the upstream server</b>, so always
* supply an appropriate trustSource except in extraordinary circumstances (e.g. testing with dynamically-generated
* certificates).
*
* @param cipherSuites cipher suites to allow when connecting to the upstream server
* @param trustSource the trust store that will be used to validate upstream servers' certificates, or null to accept all upstream server certificates
* @return an SSLContext to connect to upstream servers with
*/
public static SslContext getUpstreamServerSslContext(Collection<String> cipherSuites, TrustSource trustSource) {
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
if (trustSource == null) {
log.warn("Disabling upstream server certificate verification. This will allow attackers to intercept communications with upstream servers.");
sslContextBuilder.trustManager(InsecureTrustManagerFactory.INSTANCE);
} else {
sslContextBuilder.trustManager(trustSource.getTrustedCAs());
}
sslContextBuilder.ciphers(cipherSuites, SupportedCipherSuiteFilter.INSTANCE);
try {
return sslContextBuilder.build();
} catch (SSLException e) {
throw new SslContextInitializationException("Error creating new SSL context for connection to upstream server", e);
}
}
示例3: NettyCenter
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
/**
* 私有构造函数
*/
private NettyCenter() {
int maybeThreadSize = Runtime.getRuntime().availableProcessors();
if (maybeThreadSize == 1) maybeThreadSize += 2;
else if (maybeThreadSize == 8) maybeThreadSize = 2;
else if (maybeThreadSize > 8) maybeThreadSize /= 2;
/**
* 构造事件循环组
*/
eventLoopGroup = new NioEventLoopGroup(maybeThreadSize, new DefaultThreadFactory("NettyNioLoopGroup"));
/**
* 构造定时器
*/
hashedWheelTimer = new HashedWheelTimer(new DefaultThreadFactory("NettyHashedWheelTimer"));
/**
* 构造 SSL 环境
*/
try {
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
sslContextBuilder.clientAuth(ClientAuth.OPTIONAL);
simpleClientSslContext = sslContextBuilder.build();
} catch (Throwable e) {
log.error("NettyCenter :: initialize client sslcontext error!", e);
}
}
示例4: shouldEnableSslWithSslContextProgrammaticallySpecified
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
@Test
public void shouldEnableSslWithSslContextProgrammaticallySpecified() throws Exception {
// just for testing - this is not good for production use
final SslContextBuilder builder = SslContextBuilder.forClient();
builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
builder.sslProvider(SslProvider.JDK);
final Cluster cluster = TestClientFactory.build().enableSsl(true).sslContext(builder.build()).create();
final Client client = cluster.connect();
try {
// this should return "nothing" - there should be no exception
assertEquals("test", client.submit("'test'").one().getString());
} finally {
cluster.close();
}
}
示例5: newSession
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
@Override
public CassandraSession newSession(CassandraSinkConnectorConfig config) {
Cluster.Builder clusterBuilder = Cluster.builder()
.withPort(config.port)
.addContactPoints(config.contactPoints)
.withProtocolVersion(ProtocolVersion.NEWEST_SUPPORTED);
if (config.securityEnabled) {
clusterBuilder.withCredentials(config.username, config.password);
}
if (config.sslEnabled) {
final SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
sslContextBuilder.sslProvider(config.sslProvider);
final SslContext context;
try {
context = sslContextBuilder.build();
} catch (SSLException e) {
throw new ConnectException(e);
}
final SSLOptions sslOptions = new RemoteEndpointAwareNettySSLOptions(context);
clusterBuilder.withSSL(sslOptions);
}
clusterBuilder.withCompression(config.compression);
Cluster cluster = clusterBuilder.build();
log.info("Creating session");
final Session session = cluster.newSession();
return new CassandraSessionImpl(config, cluster, session);
}
示例6: getSSLSocketFactory
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
protected SSLSocketFactory getSSLSocketFactory() throws Exception {
SslContextBuilder builder = SslContextBuilder.forClient();
builder.applicationProtocolConfig(ApplicationProtocolConfig.DISABLED);
// Use server cert / key on client side
builder.keyManager(serverCert.key(), (String) null, serverCert.cert());
builder.sslProvider(SslProvider.JDK);
builder.trustManager(clientTrustStoreFile); // Trust the server cert
SslContext ctx = builder.build();
Assert.assertEquals(JdkSslClientContext.class, ctx.getClass());
JdkSslContext jdk = (JdkSslContext) ctx;
SSLContext jdkSslContext = jdk.context();
return jdkSslContext.getSocketFactory();
}
示例7: getSSLSocketFactory
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
protected SSLSocketFactory getSSLSocketFactory() throws Exception {
SslContextBuilder builder = SslContextBuilder.forClient();
builder.applicationProtocolConfig(ApplicationProtocolConfig.DISABLED);
// Use server cert / key on client side.
builder.keyManager(serverCert.key(), (String) null, serverCert.cert());
builder.sslProvider(SslProvider.JDK);
builder.trustManager(clientTrustStoreFile); // Trust the server cert
SslContext ctx = builder.build();
Assert.assertEquals(JdkSslClientContext.class, ctx.getClass());
JdkSslContext jdk = (JdkSslContext) ctx;
SSLContext jdkSslContext = jdk.context();
return jdkSslContext.getSocketFactory();
}
示例8: setupSslCtx
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
private void setupSslCtx() throws Exception {
Assert.assertNotNull(clientTrustStoreFile);
SslContextBuilder builder = SslContextBuilder.forClient();
builder.applicationProtocolConfig(ApplicationProtocolConfig.DISABLED);
builder.sslProvider(SslProvider.JDK);
builder.trustManager(clientTrustStoreFile); // Trust the server cert
SslContext ctx = builder.build();
Assert.assertEquals(JdkSslClientContext.class, ctx.getClass());
JdkSslContext jdk = (JdkSslContext) ctx;
sslCtx = jdk.context();
}
示例9: usingNetty
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
static ClientHttpRequestFactory usingNetty(ClientOptions options,
SslConfiguration sslConfiguration) throws GeneralSecurityException,
IOException {
final Netty4ClientHttpRequestFactory requestFactory = new Netty4ClientHttpRequestFactory();
if (hasSslConfiguration(sslConfiguration)) {
SslContextBuilder sslContextBuilder = SslContextBuilder //
.forClient();
if (sslConfiguration.getTrustStoreConfiguration().isPresent()) {
sslContextBuilder
.trustManager(createTrustManagerFactory(sslConfiguration
.getTrustStoreConfiguration()));
}
if (sslConfiguration.getKeyStoreConfiguration().isPresent()) {
sslContextBuilder.keyManager(createKeyManagerFactory(sslConfiguration
.getKeyStoreConfiguration()));
}
requestFactory.setSslContext(sslContextBuilder.sslProvider(
SslProvider.JDK).build());
}
requestFactory.setConnectTimeout(Math.toIntExact(options
.getConnectionTimeout().toMillis()));
requestFactory.setReadTimeout(Math.toIntExact(options.getReadTimeout()
.toMillis()));
return requestFactory;
}
示例10: createNettySslContext
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
public static SslContext createNettySslContext(boolean allowInsecureConnection, String trustCertsFilePath,
Certificate[] certificates, PrivateKey privateKey) throws GeneralSecurityException, SSLException, FileNotFoundException {
SslContextBuilder builder = SslContextBuilder.forClient();
if (allowInsecureConnection) {
builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
} else {
if (trustCertsFilePath != null && trustCertsFilePath.length() != 0) {
builder.trustManager(new FileInputStream(trustCertsFilePath));
}
}
builder.keyManager(privateKey, (X509Certificate[]) certificates);
return builder.build();
}
示例11: sslSupport
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
/**
* Enable default sslContext support and enable further customization via the passed
* configurator. The builder will then produce the {@link SslContext} to be passed to
* {@link #sslContext(SslContext)}.
*
* @param configurator builder callback for further customization.
* @return {@code this}
*/
public final BUILDER sslSupport(Consumer<? super SslContextBuilder> configurator) {
Objects.requireNonNull(configurator, "configurator");
try {
SslContextBuilder builder = SslContextBuilder.forClient();
configurator.accept(builder);
return sslContext(builder.build());
}
catch (Exception sslException) {
throw Exceptions.bubble(sslException);
}
}
示例12: HttpClientPipelineConfigurator
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
HttpClientPipelineConfigurator(HttpClientFactory clientFactory, SessionProtocol sessionProtocol) {
this.clientFactory = clientFactory;
if (sessionProtocol == HTTP || sessionProtocol == HTTPS) {
httpPreference = HttpPreference.HTTP2_PREFERRED;
} else if (sessionProtocol == H1 || sessionProtocol == H1C) {
httpPreference = HttpPreference.HTTP1_REQUIRED;
} else if (sessionProtocol == H2 || sessionProtocol == H2C) {
httpPreference = HttpPreference.HTTP2_REQUIRED;
} else {
// Should never reach here.
throw new Error();
}
if (sessionProtocol.isTls()) {
try {
final SslContextBuilder builder = SslContextBuilder.forClient();
builder.sslProvider(
Flags.useOpenSsl() ? SslProvider.OPENSSL : SslProvider.JDK);
clientFactory.sslContextCustomizer().accept(builder);
if (httpPreference == HttpPreference.HTTP2_REQUIRED ||
httpPreference == HttpPreference.HTTP2_PREFERRED) {
builder.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
ApplicationProtocolConfig.Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and
// JDK providers.
ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK
// providers.
ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2));
}
sslCtx = builder.build();
} catch (SSLException e) {
throw new IllegalStateException("failed to create an SslContext", e);
}
} else {
sslCtx = null;
}
}
示例13: build
import io.netty.handler.ssl.SslContextBuilder; //导入方法依赖的package包/类
@Override
public SSLOptions build() {
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
if (provider != null) {
sslContextBuilder.sslProvider(provider);
}
if (ciphers != null) {
sslContextBuilder.ciphers(ciphers);
}
if (clientAuth != null) {
sslContextBuilder.clientAuth(clientAuth);
}
if (sessionCacheSize != null) {
sslContextBuilder.sessionCacheSize(sessionCacheSize);
}
if (sessionTimeout != null) {
sslContextBuilder.sessionTimeout(sessionTimeout.toSeconds());
}
if (trustCertChainFile != null) {
sslContextBuilder.trustManager(trustCertChainFile);
}
if (keyManager != null) {
sslContextBuilder.keyManager(
keyManager.getKeyCertChainFile(),
keyManager.getKeyFile(),
keyManager.getKeyPassword());
}
SslContext sslContext;
try {
sslContext = sslContextBuilder.build();
} catch (SSLException e) {
throw new RuntimeException("Unable to build Netty SslContext", e);
}
return new NettySSLOptions(sslContext);
}