Java Code Examples for org.apache.tomcat.util.net.SSLHostConfig

The following are top voted examples for showing how to use org.apache.tomcat.util.net.SSLHostConfig. These examples are extracted from open source projects.
Example 1
Project: https-github.com-g0t4-jenkins2-course-spring-boot   File: TomcatEmbeddedServletContainerFactoryTests.java
@Test
public void sslCiphersConfiguration() throws Exception {
	// "ALPHA", "BRAVO" and "CHARLIE" are placeholder names, not real cipher suites,
	// and "secret" is a fixture keystore password. The assertion only checks that the
	// configured array arrives on the first SSLHostConfig as one colon-separated string.
	Ssl sslSettings = new Ssl();
	sslSettings.setKeyStore("test.jks");
	sslSettings.setKeyStorePassword("secret");
	sslSettings.setCiphers(new String[] { "ALPHA", "BRAVO", "CHARLIE" });

	TomcatEmbeddedServletContainerFactory containerFactory = getFactory();
	containerFactory.setSsl(sslSettings);

	SSLHostConfig firstHostConfig = getTomcat(containerFactory).getConnector()
			.getProtocolHandler().findSslHostConfigs()[0];
	assertThat(firstHostConfig.getCiphers()).isEqualTo("ALPHA:BRAVO:CHARLIE");
}
 
Example 2
Project: https-github.com-g0t4-jenkins2-course-spring-boot   File: TomcatEmbeddedServletContainerFactoryTests.java
@Test
public void sslEnabledMultipleProtocolsConfiguration() throws Exception {
	// Fixture values only. TLSv1.1 appears here as a second entry for the test;
	// TLS 1.1 is deprecated (RFC 8996), so do not carry this list into a real
	// configuration. "BRAVO" is a placeholder cipher name.
	Ssl sslSettings = getSsl(null, "password", "src/test/resources/test.jks");
	sslSettings.setEnabledProtocols(new String[] { "TLSv1.1", "TLSv1.2" });
	sslSettings.setCiphers(
			new String[] { "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "BRAVO" });

	TomcatEmbeddedServletContainerFactory containerFactory = getFactory();
	containerFactory.setSsl(sslSettings);

	this.container = containerFactory
			.getEmbeddedServletContainer(sessionServletRegistration());
	// In this test the container is started before the connector is looked up.
	this.container.start();
	Connector tlsConnector = ((TomcatEmbeddedServletContainer) this.container)
			.getTomcat().getConnector();

	SSLHostConfig[] hostConfigs = tlsConnector.getProtocolHandler()
			.findSslHostConfigs();
	SSLHostConfig firstHostConfig = hostConfigs[0];
	// The protocol name is expected to be the generic "TLS"; the versions actually
	// offered are the enabled-protocols list checked on the next assertion.
	assertThat(firstHostConfig.getSslProtocol()).isEqualTo("TLS");
	assertThat(firstHostConfig.getEnabledProtocols())
			.containsExactlyInAnyOrder("TLSv1.1", "TLSv1.2");
}
 
Example 3
Project: https-github.com-g0t4-jenkins2-course-spring-boot   File: TomcatEmbeddedServletContainerFactoryTests.java
@Test
public void sslEnabledProtocolsConfiguration() throws Exception {
	// Fixture values only; "BRAVO" is a placeholder cipher name. The test pins the
	// enabled protocol list to exactly one entry, TLSv1.2.
	Ssl sslSettings = getSsl(null, "password", "src/test/resources/test.jks");
	sslSettings.setEnabledProtocols(new String[] { "TLSv1.2" });
	sslSettings.setCiphers(
			new String[] { "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "BRAVO" });

	TomcatEmbeddedServletContainerFactory containerFactory = getFactory();
	containerFactory.setSsl(sslSettings);

	this.container = containerFactory
			.getEmbeddedServletContainer(sessionServletRegistration());
	// In this test the connector is looked up first and the container started afterwards.
	Connector tlsConnector = ((TomcatEmbeddedServletContainer) this.container)
			.getTomcat().getConnector();

	this.container.start();
	SSLHostConfig[] hostConfigs = tlsConnector.getProtocolHandler()
			.findSslHostConfigs();
	SSLHostConfig firstHostConfig = hostConfigs[0];
	assertThat(firstHostConfig.getSslProtocol()).isEqualTo("TLS");
	// containsExactly: no protocol version other than TLSv1.2 may be enabled.
	assertThat(firstHostConfig.getEnabledProtocols()).containsExactly("TLSv1.2");
}
 
Example 4
Project: oryx2   File: ServingLayer.java
private Connector makeConnector() {
  // Builds the NIO2 HTTP/1.1 connector: HTTPS when a keystore file is configured,
  // plain HTTP otherwise. The tuning attributes below apply to both cases.
  Connector connector = new Connector(Http11Nio2Protocol.class.getName());

  boolean tlsConfigured = keystoreFile != null;
  if (tlsConfigured) {

    // HTTPS connector
    connector.setPort(securePort);
    connector.setSecure(true);
    connector.setScheme("https");
    connector.setAttribute("SSLEnabled", "true");

    // Only the RSA certificate (keystore, password, alias) is configured. No protocol
    // versions or cipher suites are set on the SSLHostConfig, so whatever defaults
    // the Tomcat version in use supplies are what the endpoint offers.
    SSLHostConfig tlsHostConfig = new SSLHostConfig();
    SSLHostConfigCertificate rsaCertificate =
        new SSLHostConfigCertificate(tlsHostConfig, SSLHostConfigCertificate.Type.RSA);
    rsaCertificate.setCertificateKeystoreFile(keystoreFile.toAbsolutePath().toString());
    rsaCertificate.setCertificateKeystorePassword(keystorePassword);
    rsaCertificate.setCertificateKeyAlias(keyAlias);
    tlsHostConfig.addCertificate(rsaCertificate);
    connector.addSslHostConfig(tlsHostConfig);

  } else {

    // HTTP connector
    connector.setPort(port);
    connector.setSecure(false);
    connector.setScheme("http");

  }

  // The HTTP/2 upgrade protocol is registered on the plain-HTTP connector as well.
  connector.addUpgradeProtocol(new Http2Protocol());

  // Keep quiet about the server type
  connector.setXpoweredBy(false);

  // Basic tuning params:
  connector.setAttribute("maxThreads", 400);
  connector.setAttribute("acceptCount", 50);
  //connector.setAttribute("connectionTimeout", 2000);
  connector.setAttribute("maxKeepAliveRequests", 100);

  // Avoid running out of ephemeral ports under heavy load?
  connector.setAttribute("socket.soReuseAddress", true);

  // NOTE(review): the meaning of 0 for maxPostSize has differed between Tomcat
  // releases (no limit vs. a zero-byte limit on container-parsed form bodies);
  // confirm against the Tomcat version this is built with.
  connector.setMaxPostSize(0);
  connector.setAttribute("disableUploadTimeout", false);

  // Allow long URLs. The same limit bounds every request's header block, so it also
  // raises how much header data a single client request may make the server buffer.
  connector.setAttribute("maxHttpHeaderSize", 65536);

  // Enable response compression
  // NOTE(review): on the HTTPS connector, compressing responses that mix secrets with
  // request-influenced content is the precondition for BREACH-style length side
  // channels; check whether any served response falls in that category.
  connector.setAttribute("compression", "on");
  // Defaults are text/html,text/xml,text/plain,text/css
  connector.setAttribute("compressableMimeType", "text/html,text/xml,text/plain,text/css,text/csv,application/json");

  return connector;
}
 
Example 5
Project: psi-probe   File: SslHostConfigHelper.java
/**
 * Builds one {@link SslHostConfigInfo} for each TLS host configuration reported by the
 * protocol handler and hands the resulting list to {@code info}.
 *
 * @param protocol the protocol handler whose {@code findSslHostConfigs()} result is read
 * @param info the connector info that receives the list
 * @throws IllegalAccessException propagated from {@code toSslHostConfigInfo}
 * @throws InvocationTargetException propagated from {@code toSslHostConfigInfo}
 */
public SslHostConfigHelper(AbstractHttp11JsseProtocol<?> protocol, ConnectorInfo info)
    throws IllegalAccessException, InvocationTargetException {
  SSLHostConfig[] hostConfigs = protocol.findSslHostConfigs();
  List<SslHostConfigInfo> hostConfigInfos = new ArrayList<>(hostConfigs.length);
  // The list is handed to info first and filled afterwards.
  info.setSslHostConfigInfos(hostConfigInfos);

  for (int index = 0; index < hostConfigs.length; index++) {
    hostConfigInfos.add(toSslHostConfigInfo(hostConfigs[index]));
  }
}
 
Example 6
Project: psi-probe   File: SslHostConfigHelper.java
/**
 * Converts a Tomcat {@link SSLHostConfig} into an {@link SslHostConfigInfo}, including one
 * {@link CertificateInfo} per certificate attached to the host configuration.
 *
 * @param sslHostConfig the host configuration to read
 * @return a new info object populated from {@code sslHostConfig}
 * @throws IllegalAccessException propagated from {@code BeanUtils.copyProperties}
 * @throws InvocationTargetException propagated from {@code BeanUtils.copyProperties}
 */
private SslHostConfigInfo toSslHostConfigInfo(SSLHostConfig sslHostConfig)
    throws IllegalAccessException, InvocationTargetException {
  SslHostConfigInfo result = new SslHostConfigInfo();
  // NOTE(review): the copy is driven by property names rather than an explicit field
  // list (presumably Commons BeanUtils, destination first). SSLHostConfig also carries
  // secret-bearing properties such as truststorePassword, so confirm that
  // SslHostConfigInfo declares no matching property before this object is displayed.
  BeanUtils.copyProperties(result, sslHostConfig);

  Set<SSLHostConfigCertificate> sourceCertificates = sslHostConfig.getCertificates();
  List<CertificateInfo> convertedCertificates = new ArrayList<>(sourceCertificates.size());
  // The list is attached to the result first and filled afterwards.
  result.setCertificateInfos(convertedCertificates);
  for (SSLHostConfigCertificate sourceCertificate : sourceCertificates) {
    CertificateInfo converted = toCertificateInfo(sourceCertificate);
    convertedCertificates.add(converted);
  }

  return result;
}
 
Example 7
Project: https-github.com-g0t4-jenkins2-course-spring-boot   File: TomcatEmbeddedServletContainerFactory.java
/**
 * Apply the given {@link Ssl} settings to Tomcat's {@link AbstractHttp11JsseProtocol}:
 * protocol name, client auth, key material, ciphers, enabled protocols and the
 * key/trust store locations.
 * @param protocol the protocol handler to configure
 * @param ssl the SSL settings to apply
 */
protected void configureSsl(AbstractHttp11JsseProtocol<?> protocol, Ssl ssl) {
	protocol.setSSLEnabled(true);
	protocol.setSslProtocol(ssl.getProtocol());
	configureSslClientAuth(protocol, ssl);
	protocol.setKeystorePass(ssl.getKeyStorePassword());
	protocol.setKeyPass(ssl.getKeyPassword());
	protocol.setKeyAlias(ssl.getKeyAlias());

	// When the joined cipher string has no text, null is passed instead of an empty
	// string; presumably Tomcat then keeps its own default cipher list - confirm.
	String cipherList = StringUtils.arrayToCommaDelimitedString(ssl.getCiphers());
	if (StringUtils.hasText(cipherList)) {
		protocol.setCiphers(cipherList);
	}
	else {
		protocol.setCiphers(null);
	}

	// Enabled protocol versions are only touched when explicitly configured;
	// otherwise nothing is set here.
	if (ssl.getEnabledProtocols() != null) {
		try {
			for (SSLHostConfig hostConfig : protocol.findSslHostConfigs()) {
				String joinedProtocols = StringUtils
						.arrayToCommaDelimitedString(ssl.getEnabledProtocols());
				hostConfig.setProtocols(joinedProtocols);
			}
		}
		catch (NoSuchMethodError ex) {
			// Tomcat 8.0.x or earlier
			boolean applied = protocol.setProperty("sslEnabledProtocols",
					StringUtils.arrayToCommaDelimitedString(
							ssl.getEnabledProtocols()));
			// Fail loudly rather than start with a protocol list that was not applied.
			Assert.isTrue(applied, "Failed to set sslEnabledProtocols");
		}
	}

	if (getSslStoreProvider() == null) {
		// No store provider: key store and trust store come from the Ssl settings.
		configureSslKeyStore(protocol, ssl);
		configureSslTrustStore(protocol, ssl);
	}
	else {
		// A store provider is present: register a URL stream handler factory for it
		// and point both store locations at the factory's fixed URLs.
		TomcatURLStreamHandlerFactory.getInstance().addUserFactory(
				new SslStoreProviderUrlStreamHandlerFactory(getSslStoreProvider()));
		protocol.setKeystoreFile(
				SslStoreProviderUrlStreamHandlerFactory.KEY_STORE_URL);
		protocol.setTruststoreFile(
				SslStoreProviderUrlStreamHandlerFactory.TRUST_STORE_URL);
	}
}
 
Example 8
Project: armeria   File: Tomcat85ProtocolHandler.java
@Override
public void addSslHostConfig(SSLHostConfig sslHostConfig) {
    // No-op: the supplied TLS host configuration is neither stored nor applied
    // by this handler.
}
 
Example 9
Project: armeria   File: Tomcat85ProtocolHandler.java
@Override
@SuppressWarnings("ZeroLengthArrayAllocation")
public SSLHostConfig[] findSslHostConfigs() {
    // Always a fresh empty array, never null: this handler reports no TLS host
    // configurations to callers.
    final SSLHostConfig[] noHostConfigs = new SSLHostConfig[0];
    return noHostConfigs;
}
 
Example 10
Project: swutils   File: EncryptedSslHttp11NioProtocolTest.java
private SSLHostConfig getSslHostConfig(EncryptedSslHttp11NioProtocol protocol) {
    // Returns the first host config reported by the protocol's endpoint. Indexing [0]
    // throws ArrayIndexOutOfBoundsException when the endpoint reports none.
    return protocol.getEndpoint().findSslHostConfigs()[0];
}
 
Example 11
Project: swutils   File: EncryptedSslHttp11Nio2ProtocolTest.java
private SSLHostConfig getSslHostConfig(EncryptedSslHttp11Nio2Protocol protocol) {
    // Returns the first host config reported by the protocol's endpoint. Indexing [0]
    // throws ArrayIndexOutOfBoundsException when the endpoint reports none.
    return protocol.getEndpoint().findSslHostConfigs()[0];
}