本文整理匯總了Java中org.eclipse.jetty.util.ssl.SslContextFactory.setTrustStorePath方法的典型用法代碼示例。如果您正苦於以下問題:Java SslContextFactory.setTrustStorePath方法的具體用法?Java SslContextFactory.setTrustStorePath怎麽用?Java SslContextFactory.setTrustStorePath使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類org.eclipse.jetty.util.ssl.SslContextFactory的用法示例。
在下文中一共展示了SslContextFactory.setTrustStorePath方法的13個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: getSslContextFactory
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
public SslContextFactory getSslContextFactory() throws GeneralSecurityException, IOException {
SslContextFactory sslContextFactory = new SslContextFactory();
KeyStore keyStore = KeyStore.getInstance(properties.getProperty(MINIFI_C2_SERVER_KEYSTORE_TYPE));
Path keyStorePath = Paths.get(C2_SERVER_HOME).resolve(properties.getProperty(MINIFI_C2_SERVER_KEYSTORE)).toAbsolutePath();
logger.debug("keystore path: " + keyStorePath);
try (InputStream inputStream = Files.newInputStream(keyStorePath)) {
keyStore.load(inputStream, properties.getProperty(MINIFI_C2_SERVER_KEYSTORE_PASSWD).toCharArray());
}
sslContextFactory.setKeyStore(keyStore);
sslContextFactory.setKeyManagerPassword(properties.getProperty(MINIFI_C2_SERVER_KEY_PASSWD));
sslContextFactory.setWantClientAuth(true);
String trustStorePath = Paths.get(C2_SERVER_HOME).resolve(properties.getProperty(MINIFI_C2_SERVER_TRUSTSTORE)).toAbsolutePath().toFile().getAbsolutePath();
logger.debug("truststore path: " + trustStorePath);
sslContextFactory.setTrustStorePath(trustStorePath);
sslContextFactory.setTrustStoreType(properties.getProperty(MINIFI_C2_SERVER_TRUSTSTORE_TYPE));
sslContextFactory.setTrustStorePassword(properties.getProperty(MINIFI_C2_SERVER_TRUSTSTORE_PASSWD));
try {
sslContextFactory.start();
} catch (Exception e) {
throw new IOException(e);
}
return sslContextFactory;
}
示例2: createSSLServerConnector
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
private ServerConnector createSSLServerConnector(Connector connectorConfig)
{
SslContextFactory sslFact = new SslContextFactory();
if (StringUtils.isNotBlank(connectorConfig.getKeyStorePath()))
{
sslFact.setKeyStorePath(connectorConfig.getKeyStorePath());
}
if (StringUtils.isNotBlank(connectorConfig.getKeyStorePassword()))
{
sslFact.setKeyStorePassword(connectorConfig.getKeyStorePassword());
}
if (StringUtils.isNotBlank(connectorConfig.getKeyManagerPassword()))
{
sslFact.setKeyManagerPassword(connectorConfig.getKeyManagerPassword());
}
if (StringUtils.isNotBlank(connectorConfig.getTrustStorePath()))
{
sslFact.setTrustStorePath(connectorConfig.getTrustStorePath());
}
if (StringUtils.isNotBlank(connectorConfig.getTrustStorePassword()))
{
sslFact.setTrustStorePassword(connectorConfig.getTrustStorePassword());
}
return new ServerConnector(internal, sslFact);
}
示例3: addHttpsConnector
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
public static void addHttpsConnector(Server server, int port) throws IOException, URISyntaxException {
String keyStoreFile = resourceAsFile("ssltest-keystore.jks").getAbsolutePath();
SslContextFactory sslContextFactory = new SslContextFactory(keyStoreFile);
sslContextFactory.setKeyStorePassword("changeit");
String trustStoreFile = resourceAsFile("ssltest-cacerts.jks").getAbsolutePath();
sslContextFactory.setTrustStorePath(trustStoreFile);
sslContextFactory.setTrustStorePassword("changeit");
HttpConfiguration httpsConfig = new HttpConfiguration();
httpsConfig.setSecureScheme("https");
httpsConfig.setSecurePort(port);
httpsConfig.addCustomizer(new SecureRequestCustomizer());
ServerConnector connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig));
connector.setPort(port);
server.addConnector(connector);
}
示例4: createSecureConnector
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
private void createSecureConnector(Properties properties) {
SslContextFactory ssl = new SslContextFactory();
if (properties.getProperty(KEYSTORE_LOCATION_KEY) != null) {
ssl.setKeyStorePath(properties.getProperty(KEYSTORE_LOCATION_KEY));
ssl.setKeyStorePassword(properties.getProperty(KEYSTORE_PASSWORD_KEY));
ssl.setKeyStoreType(properties.getProperty(KEYSTORE_TYPE_KEY));
}
if (properties.getProperty(TRUSTSTORE_LOCATION_KEY) != null) {
ssl.setTrustStorePath(properties.getProperty(TRUSTSTORE_LOCATION_KEY));
ssl.setTrustStorePassword(properties.getProperty(TRUSTSTORE_PASSWORD_KEY));
ssl.setTrustStoreType(properties.getProperty(TRUSTSTORE_TYPE_KEY));
ssl.setNeedClientAuth(Boolean.parseBoolean(properties.getProperty(NEED_CLIENT_AUTH_KEY, "true")));
}
// build the connector
final ServerConnector https = new ServerConnector(jetty, ssl);
// set host and port
https.setPort(Integer.parseInt(properties.getProperty(PORT_KEY, "0")));
https.setHost(properties.getProperty(HOST_KEY, "localhost"));
// Severely taxed environments may have significant delays when executing.
https.setIdleTimeout(30000L);
// add the connector
jetty.addConnector(https);
logger.info("Added an https connector on the host '{}' and port '{}'", new Object[]{https.getHost(), https.getPort()});
}
示例5: setUp
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
@BeforeClass
public static void setUp() throws Exception {
PullHttpChangeIngestorCommonTest.init();
SslContextFactory ssl = new SslContextFactory();
ssl.setKeyStorePath("./src/test/resources/localhost-ks.jks");
ssl.setKeyStorePassword("localtest");
ssl.setKeyStoreType("JKS");
ssl.setTrustStorePath("./src/test/resources/localhost-ts.jks");
ssl.setTrustStorePassword("localtest");
ssl.setTrustStoreType("JKS");
ssl.setNeedClientAuth(true);
// build the connector
final ServerConnector https = new ServerConnector(jetty, ssl);
// set host and port
https.setPort(0);
https.setHost("localhost");
// Severely taxed environments may have significant delays when executing.
https.setIdleTimeout(30000L);
// add the connector
jetty.addConnector(https);
jetty.start();
Thread.sleep(1000);
if (!jetty.isStarted()) {
throw new IllegalStateException("Jetty server not started");
}
}
示例6: createServer
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
private Server createServer(URI endpointURI, boolean needClientAuth) {
if ("ws".equals(endpointURI.getScheme())) {
return new Server(endpointURI.getPort());
}
else if ("wss".equals(endpointURI.getScheme())) {
// see http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/ManyConnectors.java
// http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java
Server server = new Server();
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(getStorePath("serverKeyStore.jks"));
sslContextFactory.setKeyStorePassword("passw0rd");
sslContextFactory.setKeyManagerPassword("passw0rd");
sslContextFactory.setCertAlias("default");
sslContextFactory.setNeedClientAuth(needClientAuth);
sslContextFactory.setTrustStorePath(getStorePath("serverTrustStore.jks"));
sslContextFactory.setTrustStorePassword("passw0rd");
HttpConfiguration httpsConfig = new HttpConfiguration();
httpsConfig.addCustomizer(new SecureRequestCustomizer());
ServerConnector https= new ServerConnector(server,
new SslConnectionFactory(sslContextFactory,
HttpVersion.HTTP_1_1.asString()),
new HttpConnectionFactory(httpsConfig));
https.setPort(endpointURI.getPort());
server.addConnector(https);
return server;
}
else
throw new IllegalArgumentException("unrecognized uri: "+endpointURI);
}
示例7: createSSLContextObject
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
SslContextFactory createSSLContextObject() {
String keyStorePath = System.getProperty(ZMS_KEYSTORE_PATH);
String keyStorePassword = System.getProperty(ZMS_KEYSTORE_PASSWORD);
String keyStoreType = System.getProperty(ZMS_KEYSTORE_TYPE, "PKCS12");
String trustStorePath = System.getProperty(ZMS_TRUSTSTORE_PATH);
String trustStorePassword = System.getProperty(ZMS_TRUSTSTORE_PASSWORD);
String trustStoreType = System.getProperty(ZMS_TRUSTSTORE_TYPE, "PKCS12");
SslContextFactory sslContextFactory = new SslContextFactory();
if (keyStorePath != null) {
sslContextFactory.setKeyStorePath(keyStorePath);
}
if (keyStorePassword != null) {
sslContextFactory.setKeyStorePassword(keyStorePassword);
}
sslContextFactory.setKeyStoreType(keyStoreType);
if (trustStorePath != null) {
sslContextFactory.setTrustStorePath(trustStorePath);
}
if (trustStorePassword != null) {
sslContextFactory.setTrustStorePassword(trustStorePassword);
}
sslContextFactory.setTrustStoreType(trustStoreType);
sslContextFactory.setWantClientAuth(true);
return sslContextFactory;
}
示例8: createSslContextFactory
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
private SslContextFactory createSslContextFactory() {
final SslContextFactory contextFactory = new SslContextFactory();
// if needClientAuth is false then set want to true so we can optionally use certs
if (properties.getNeedClientAuth()) {
logger.info("Setting Jetty's SSLContextFactory needClientAuth to true");
contextFactory.setNeedClientAuth(true);
} else {
logger.info("Setting Jetty's SSLContextFactory wantClientAuth to true");
contextFactory.setWantClientAuth(true);
}
/* below code sets JSSE system properties when values are provided */
// keystore properties
if (StringUtils.isNotBlank(properties.getKeyStorePath())) {
contextFactory.setKeyStorePath(properties.getKeyStorePath());
}
if (StringUtils.isNotBlank(properties.getKeyStoreType())) {
contextFactory.setKeyStoreType(properties.getKeyStoreType());
}
final String keystorePassword = properties.getKeyStorePassword();
final String keyPassword = properties.getKeyPassword();
if (StringUtils.isNotBlank(keystorePassword)) {
// if no key password was provided, then assume the keystore password is the same as the key password.
final String defaultKeyPassword = (StringUtils.isBlank(keyPassword)) ? keystorePassword : keyPassword;
contextFactory.setKeyManagerPassword(keystorePassword);
contextFactory.setKeyStorePassword(defaultKeyPassword);
} else if (StringUtils.isNotBlank(keyPassword)) {
// since no keystore password was provided, there will be no keystore integrity check
contextFactory.setKeyStorePassword(keyPassword);
}
// truststore properties
if (StringUtils.isNotBlank(properties.getTrustStorePath())) {
contextFactory.setTrustStorePath(properties.getTrustStorePath());
}
if (StringUtils.isNotBlank(properties.getTrustStoreType())) {
contextFactory.setTrustStoreType(properties.getTrustStoreType());
}
if (StringUtils.isNotBlank(properties.getTrustStorePassword())) {
contextFactory.setTrustStorePassword(properties.getTrustStorePassword());
}
return contextFactory;
}
示例9: run
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
public static Server run(ResourceConfig application, Properties properties, int port, String originFilter,
String aliasName, File keystoreFile, String password, String frontendRoot, String apiPathPattern, boolean copyWebDir) {
try {
QueuedThreadPool threadPool = new QueuedThreadPool(
Integer.valueOf(properties.getProperty("jetty.maxThreads")),
Integer.valueOf(properties.getProperty("jetty.minThreads")),
Integer.valueOf(properties.getProperty("jetty.idleTimeout")),
new ArrayBlockingQueue<>(Integer.valueOf(properties.getProperty("jetty.maxQueueSize"))));
Server server = new Server(threadPool);
HttpConfiguration config = new HttpConfiguration();
if (keystoreFile != null) {
log.info("Jetty runner {}. SSL enabled.", application.getClass());
SslContextFactory sslFactory = new SslContextFactory();
sslFactory.setCertAlias(aliasName);
String path = keystoreFile.getAbsolutePath();
if (!keystoreFile.exists()) {
log.error("Couldn't load keystore file: {}", path);
return null;
}
sslFactory.setKeyStorePath(path);
sslFactory.setKeyStorePassword(password);
sslFactory.setKeyManagerPassword(password);
sslFactory.setTrustStorePath(path);
sslFactory.setTrustStorePassword(password);
config.setSecureScheme("https");
config.setSecurePort(port);
config.addCustomizer(new SecureRequestCustomizer());
ServerConnector https = new ServerConnector(server,
new SslConnectionFactory(sslFactory, "http/1.1"),
new HttpConnectionFactory(config));
https.setPort(port);
server.setConnectors(new Connector[]{https});
} else {
ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(config));
http.setPort(port);
server.setConnectors(new Connector[]{http});
}
Handler handler = ContainerFactory.createContainer(JettyHttpContainer.class, application);
if (originFilter != null)
handler = new CrossDomainFilter(handler, originFilter);
if (frontendRoot != null) {
WebAppContext htmlHandler = new WebAppContext();
htmlHandler.setResourceBase(frontendRoot);
htmlHandler.setCopyWebDir(copyWebDir);
Map<Pattern, Handler> pathToHandler = new HashMap<>();
pathToHandler.put(Pattern.compile(apiPathPattern), handler);
SessionManager sm = new HashSessionManager();
SessionHandler sh = new SessionHandler(sm);
htmlHandler.setSessionHandler(sh);
DefaultServlet defaultServlet = new DefaultServlet();
ServletHolder holder = new ServletHolder(defaultServlet);
holder.setInitParameter("useFileMappedBuffer", Boolean.toString(!copyWebDir));
holder.setInitParameter("cacheControl", "no-store,no-cache,must-revalidate,max-age=-1,public");
htmlHandler.addServlet(holder, "/");
handler = new RequestsRouter(htmlHandler, pathToHandler, frontendRoot);
}
server.setHandler(handler);
server.start();
while (!server.isStarted()) {
Thread.sleep(50);
}
log.info("Jetty server started {} on port {}", application.getClass(), port);
return server;
} catch (Exception e) {
log.error(String.format("Jetty start failed %s.", application.getClass()), e);
return null;
}
}
示例10: getSslContainer
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
@Override
public WebSocketContainer getSslContainer(Properties config) {
// With jetty, can't directly use ContainerProvider.getWebSocketContainer()
// as it's "too late" to inject SslContextFactory into the mix.
String trustStore = config.getProperty("ws.trustStore",
System.getProperty("javax.net.ssl.trustStore"));
String trustStorePassword = config.getProperty("ws.trustStorePassword",
System.getProperty("javax.net.ssl.trustStorePassword"));
String keyStore = config.getProperty("ws.keyStore",
System.getProperty("javax.net.ssl.keyStore"));
String keyStorePassword = config.getProperty("ws.keyStorePassword",
System.getProperty("javax.net.ssl.keyStorePassword"));
String keyPassword = config.getProperty("ws.keyPassword", keyStorePassword);
String certAlias = config.getProperty("ws.keyCertificateAlias", "default");
// create ClientContainer as usual
ClientContainer container = new ClientContainer();
// tweak before starting it
SslContextFactory scf = container.getClient().getSslContextFactory();
if (trustStore != null) {
// System.out.println("setting " + trustStore);
scf.setTrustStorePath(trustStore);
scf.setTrustStorePassword(trustStorePassword);
}
if (keyStore != null) {
// System.out.println("setting " + keyStore);
scf.setKeyStorePath(keyStore);
scf.setKeyStorePassword(keyStorePassword);
scf.setKeyManagerPassword(keyPassword);
scf.setCertAlias(certAlias);
}
// start as usual
try {
container.start();
return container;
}
catch (Exception e)
{
throw new RuntimeException("Unable to start Client Container", e);
}
}
示例11: createSSLContextObject
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
SslContextFactory createSSLContextObject(boolean needClientAuth) {
String keyStorePath = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PATH);
String keyStorePasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PASSWORD_APPNAME);
String keyStorePassword = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PASSWORD);
String keyStoreType = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_TYPE, "PKCS12");
String keyManagerPassword = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYMANAGER_PASSWORD);
String keyManagerPasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYMANAGER_PASSWORD_APPNAME);
String trustStorePath = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PATH);
String trustStorePassword = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PASSWORD);
String trustStorePasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PASSWORD_APPNAME);
String trustStoreType = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_TYPE, "PKCS12");
String includedCipherSuites = System.getProperty(AthenzConsts.ATHENZ_PROP_INCLUDED_CIPHER_SUITES);
String excludedCipherSuites = System.getProperty(AthenzConsts.ATHENZ_PROP_EXCLUDED_CIPHER_SUITES);
String excludedProtocols = System.getProperty(AthenzConsts.ATHENZ_PROP_EXCLUDED_PROTOCOLS,
ATHENZ_DEFAULT_EXCLUDED_PROTOCOLS);
SslContextFactory sslContextFactory = new SslContextFactory();
if (keyStorePath != null) {
LOG.info("Using SSL KeyStore path: {}", keyStorePath);
sslContextFactory.setKeyStorePath(keyStorePath);
}
if (keyStorePassword != null) {
//default implementation should just return the same
sslContextFactory.setKeyStorePassword(this.privateKeyStore.getApplicationSecret(keyStorePasswordAppName, keyStorePassword));
}
sslContextFactory.setKeyStoreType(keyStoreType);
if (keyManagerPassword != null) {
sslContextFactory.setKeyManagerPassword(this.privateKeyStore.getApplicationSecret(keyManagerPasswordAppName, keyManagerPassword));
}
if (trustStorePath != null) {
LOG.info("Using SSL TrustStore path: {}", trustStorePath);
sslContextFactory.setTrustStorePath(trustStorePath);
}
if (trustStorePassword != null) {
sslContextFactory.setTrustStorePassword(this.privateKeyStore.getApplicationSecret(trustStorePasswordAppName, trustStorePassword));
}
sslContextFactory.setTrustStoreType(trustStoreType);
if (includedCipherSuites != null && !includedCipherSuites.isEmpty()) {
sslContextFactory.setIncludeCipherSuites(includedCipherSuites.split(","));
}
if (excludedCipherSuites != null && !excludedCipherSuites.isEmpty()) {
sslContextFactory.setExcludeCipherSuites(excludedCipherSuites.split(","));
}
if (!excludedProtocols.isEmpty()) {
sslContextFactory.setExcludeProtocols(excludedProtocols.split(","));
}
if (needClientAuth) {
sslContextFactory.setNeedClientAuth(true);
} else {
sslContextFactory.setWantClientAuth(true);
}
return sslContextFactory;
}
示例12: createHttpsJettyServer
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
private static JettyServer createHttpsJettyServer(boolean clientAuth) throws MalformedURLException, IOException {
Server server = new Server();
HttpConfiguration https_config = new HttpConfiguration();
https_config.setSecureScheme("https");
int port = 0;
try (ServerSocket socket = new ServerSocket(0)) {
port = socket.getLocalPort();
}
https_config.setSecurePort(port);
https_config.setOutputBufferSize(32768);
String keystorePath = DEFAULT_SERVER_KEY_STORE;
SslContextFactory sslContextFactory = new SslContextFactory();
File keystoreFile = new File(keystorePath);
if (!keystoreFile.exists()) {
throw new FileNotFoundException();
}
String trustStorePath = DEFAULT_CA_TRUST_STORE;
File trustStoreFile = new File(trustStorePath);
if (!trustStoreFile.exists()) {
throw new FileNotFoundException();
}
sslContextFactory.setTrustStorePath(trustStorePath);
sslContextFactory.setTrustStoreType(DEFAULT_SSL_STORE_TYPE);
sslContextFactory.setTrustStorePassword(DEFAULT_CERT_PWD);
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
sslContextFactory.setKeyStoreType(DEFAULT_SSL_STORE_TYPE);
sslContextFactory.setKeyStorePassword(DEFAULT_CERT_PWD);
sslContextFactory.setProtocol(DEFAULT_SSL_PROTOCOL);
sslContextFactory.setNeedClientAuth(clientAuth);
ServerConnector https = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
new HttpConnectionFactory(https_config));
https.setPort(port);
https.setIdleTimeout(500000);
server.setConnectors(new Connector[] { https });
HandlerList handlers = new HandlerList();
ResourceHandler resourceHandler = new ResourceHandler();
resourceHandler.setBaseResource(Resource.newResource("."));
handlers.setHandlers(new Handler[]
{ resourceHandler, new DefaultHandler() });
server.setHandler(handlers);
return new JettyServer(server, port);
}
示例13: createSSLContextObject
import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
public static SslContextFactory createSSLContextObject(String[] clientProtocols, PrivateKeyStore privateKeyStore) {
String keyStorePath = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PATH);
String keyStorePasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PASSWORD_APPNAME);
String keyStorePassword = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PASSWORD);
String keyStoreType = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_TYPE, "PKCS12");
String keyManagerPassword = System.getProperty(ZTSConsts.ZTS_PROP_KEYMANAGER_PASSWORD);
String keyManagerPasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_KEYMANAGER_PASSWORD_APPNAME);
String trustStorePath = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PATH);
String trustStorePassword = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PASSWORD);
String trustStorePasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PASSWORD_APPNAME);
String trustStoreType = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_TYPE, "PKCS12");
String excludedCipherSuites = System.getProperty(ZTSConsts.ZTS_PROP_EXCLUDED_CIPHER_SUITES,
ZTS_DEFAULT_EXCLUDED_CIPHER_SUITES);
String excludedProtocols = System.getProperty(ZTSConsts.ZTS_PROP_EXCLUDED_PROTOCOLS,
ZTS_DEFAULT_EXCLUDED_PROTOCOLS);
Boolean wantClientAuth = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_WANT_CLIENT_CERT, "false"));
SslContextFactory sslContextFactory = new SslContextFactory();
if (keyStorePath != null) {
LOGGER.info("createSSLContextObject: using SSL KeyStore path: " + keyStorePath);
sslContextFactory.setKeyStorePath(keyStorePath);
}
if (keyStorePassword != null) {
if (null != privateKeyStore) {
keyStorePassword = privateKeyStore.getApplicationSecret(keyStorePasswordAppName, keyStorePassword);
}
sslContextFactory.setKeyStorePassword(keyStorePassword);
}
sslContextFactory.setKeyStoreType(keyStoreType);
if (keyManagerPassword != null) {
if (null != privateKeyStore) {
keyManagerPassword = privateKeyStore.getApplicationSecret(keyManagerPasswordAppName, keyManagerPassword);
}
sslContextFactory.setKeyManagerPassword(keyManagerPassword);
}
if (trustStorePath != null) {
LOGGER.info("createSSLContextObject: using SSL TrustStore path: " + trustStorePath);
sslContextFactory.setTrustStorePath(trustStorePath);
}
if (trustStorePassword != null) {
if (null != privateKeyStore) {
trustStorePassword = privateKeyStore.getApplicationSecret(trustStorePasswordAppName, trustStorePassword);
}
sslContextFactory.setTrustStorePassword(trustStorePassword);
}
sslContextFactory.setTrustStoreType(trustStoreType);
if (excludedCipherSuites.length() != 0) {
sslContextFactory.setExcludeCipherSuites(excludedCipherSuites.split(","));
}
if (excludedProtocols.length() != 0) {
sslContextFactory.setExcludeProtocols(excludedProtocols.split(","));
}
sslContextFactory.setWantClientAuth(wantClientAuth);
if (clientProtocols != null) {
sslContextFactory.setIncludeProtocols(clientProtocols);
}
return sslContextFactory;
}