com.github.dockerjava.core.util.CertificateUtils Java Examples

The following examples show how to use com.github.dockerjava.core.util.CertificateUtils.
Example #1
Source File: DockerServerCredentialsSSLConfig.java    From docker-swarm-plugin with MIT License
/**
 * Builds an {@link SSLContext} from the configured credentials.
 *
 * <p>Key managers come from the key store that {@code CertificateUtils.createKeyStore} returns for
 * the credentials' client key and client certificate. Trust managers come from the trust store that
 * {@code CertificateUtils.createTrustStore} returns for the credentials' server CA certificate, so
 * the JVM default trust store is not consulted.
 *
 * @return a context initialised with those key managers and trust managers
 * @throws KeyManagementException if initialising the context fails
 * @throws UnrecoverableKeyException if the client key cannot be recovered with the key password
 * @throws NoSuchAlgorithmException if a requested factory algorithm or protocol is unavailable
 * @throws KeyStoreException if a key store operation fails; also wraps any
 *         {@code CertificateException}, {@code InvalidKeySpecException} or {@code IOException}
 *         raised while the stores are built
 */
@Override
public SSLContext getSSLContext()
        throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {

    try {
        // NOTE(review): presumably the fixed password CertificateUtils.createKeyStore puts on the
        // key entry - confirm. Being a constant, it gives the private key no confidentiality.
        final char[] keyPassword = "docker".toCharArray();

        // Client identity presented to the server during the handshake.
        KeyStore clientIdentity = CertificateUtils.createKeyStore(
                credentials.getClientKey(), credentials.getClientCertificate());
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(clientIdentity, keyPassword);

        // Trust anchors: only what the trust store built from the server CA certificate holds.
        KeyStore serverAnchors = CertificateUtils.createTrustStore(credentials.getServerCaCertificate());
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(serverAnchors);

        // "TLS" leaves the enabled protocol versions to the JRE defaults.
        // NOTE(review): this context does not configure hostname verification; confirm that the
        // client consuming it enables endpoint identification.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        // A null SecureRandom selects the provider's default implementation.
        sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return sslContext;
    } catch (CertificateException | InvalidKeySpecException | IOException e) {
        throw new KeyStoreException("Can't build keystore from provided client key/certificate", e);
    }
}
 
Example #2
Source File: DockerServerCredentialsSSLConfig.java    From docker-plugin with MIT License
/**
 * Creates the {@link SSLContext} backed by the stored credentials.
 *
 * <p>The client key and client certificate are turned into a key store through
 * {@code CertificateUtils.createKeyStore}; the server CA certificate is turned into a trust store
 * through {@code CertificateUtils.createTrustStore}. Only that trust store feeds the trust
 * managers, so the JVM default trust store is not used.
 *
 * @return the initialised context
 * @throws KeyManagementException if the context cannot be initialised
 * @throws UnrecoverableKeyException if the key password does not recover the client key
 * @throws NoSuchAlgorithmException if the default factory algorithm or the protocol is unavailable
 * @throws KeyStoreException on key store failures, and as a wrapper for any
 *         {@code CertificateException}, {@code InvalidKeySpecException} or {@code IOException}
 *         thrown while the stores are created
 */
@Override
public SSLContext getSSLContext() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {

    try {
        // "TLS" defers the set of enabled protocol versions to the running JRE.
        final String protocol = "TLS";

        final KeyStore identityStore =
                CertificateUtils.createKeyStore(credentials.getClientKey(), credentials.getClientCertificate());
        final String keyAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        final KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(keyAlgorithm);
        // NOTE(review): the literal is presumably the password CertificateUtils.createKeyStore
        // assigns to the key entry - confirm. It is a constant and protects nothing by itself.
        keyFactory.init(identityStore, "docker".toCharArray());

        final KeyStore caStore = CertificateUtils.createTrustStore(credentials.getServerCaCertificate());
        final String trustAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        final TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(trustAlgorithm);
        trustFactory.init(caStore);

        // NOTE(review): hostname verification is not configured here; confirm that the consumer
        // of this context performs endpoint identification.
        final SSLContext result = SSLContext.getInstance(protocol);
        // Passing null for SecureRandom lets the provider pick its default source.
        result.init(keyFactory.getKeyManagers(), trustFactory.getTrustManagers(), null);
        return result;
    } catch (CertificateException | InvalidKeySpecException | IOException e) {
        throw new KeyStoreException("Can't build keystore from provided client key/certificate", e);
    }
}
 
Example #3
Source File: LocalDirectorySSLConfig.java    From docker-java with Apache License 2.0
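/**
 * Builds an {@link SSLContext} from the PEM files {@code ca.pem}, {@code key.pem} and
 * {@code cert.pem} located under {@code dockerCertPath}.
 *
 * <p>Key managers are initialised from {@code key.pem} and {@code cert.pem}; trust managers are
 * initialised from {@code ca.pem} only, so the JVM default trust store is not consulted.
 *
 * @return the initialised context, or {@code null} when
 *         {@code CertificateUtils.verifyCertificatesExist(dockerCertPath)} reports {@code false}
 * @throws DockerClientException wrapping any exception raised while the files are read or the
 *         context is built
 */
@Override
public SSLContext getSSLContext() {

    // Without certificates no context is built; callers must handle the null result.
    if (!CertificateUtils.verifyCertificatesExist(dockerCertPath)) {
        return null;
    }

    try {

        // Registering a provider changes JVM-wide state, so register it only when it is absent
        // (addProvider would ignore the duplicate anyway; this avoids building a new provider
        // object on every call).
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }

        String caPemPath = dockerCertPath + File.separator + "ca.pem";
        String keyPemPath = dockerCertPath + File.separator + "key.pem";
        String certPemPath = dockerCertPath + File.separator + "cert.pem";

        // Decode with an explicit charset: new String(byte[]) uses the platform default, which
        // is not guaranteed to be ASCII-compatible. Fully qualified so that no new import is needed.
        // The private key ends up in an immutable String that cannot be wiped after use.
        String keypem = new String(Files.readAllBytes(Paths.get(keyPemPath)),
            java.nio.charset.StandardCharsets.UTF_8);
        String certpem = new String(Files.readAllBytes(Paths.get(certPemPath)),
            java.nio.charset.StandardCharsets.UTF_8);
        String capem = new String(Files.readAllBytes(Paths.get(caPemPath)),
            java.nio.charset.StandardCharsets.UTF_8);

        // The factory algorithms can be overridden through system properties; the JRE defaults
        // are passed to getSystemProperty as the fallback values.
        String kmfAlgorithm = AccessController.doPrivileged(getSystemProperty("ssl.keyManagerFactory.algorithm",
            KeyManagerFactory.getDefaultAlgorithm()));
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(kmfAlgorithm);
        // NOTE(review): "docker" is presumably the password CertificateUtils.createKeyStore sets
        // on the key entry - confirm. It is a constant, not a secret.
        keyManagerFactory.init(CertificateUtils.createKeyStore(keypem, certpem), "docker".toCharArray());

        String tmfAlgorithm = AccessController.doPrivileged(getSystemProperty("ssl.trustManagerFactory.algorithm",
            TrustManagerFactory.getDefaultAlgorithm()));
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(tmfAlgorithm);
        trustManagerFactory.init(CertificateUtils.createTrustStore(capem));

        // NOTE(review): requesting "TLSv1.2" presumably keeps this context from negotiating
        // TLS 1.3 - confirm against the target JRE. Hostname verification is not configured here
        // and is left to the consumer of the context.
        SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
        // A null SecureRandom selects the provider's default implementation.
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);

        return sslContext;

    } catch (Exception e) {
        // The cause is kept so the underlying I/O or crypto failure stays diagnosable.
        throw new DockerClientException(e.getMessage(), e);
    }

}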