io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder Java Examples

The following examples show how to use io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ShadingTest.java    From grpc-nebula-java with Apache License 2.0 6 votes vote down vote up
@Test
public void tcnative() throws Exception {
  server = NettyServerBuilder.forPort(0)
      .useTransportSecurity(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
      .addService(new SimpleServiceImpl())
      .build().start();
  channel = NettyChannelBuilder
      .forAddress("localhost", server.getPort())
      .sslContext(
          GrpcSslContexts.configure(SslContextBuilder.forClient(), SslProvider.OPENSSL)
              .trustManager(TestUtils.loadCert("ca.pem")).build())
      .overrideAuthority("foo.test.google.fr")
      .build();
  SimpleServiceBlockingStub stub = SimpleServiceGrpc.newBlockingStub(channel);
  assertThat(SimpleResponse.getDefaultInstance())
      .isEqualTo(stub.unaryRpc(SimpleRequest.getDefaultInstance()));
}
 
Example #2
Source File: GrpcConfig.java    From benchmarks with Apache License 2.0 6 votes vote down vote up
public static NettyServerBuilder getServerBuilder()
{
    final NettyServerBuilder serverBuilder =
        NettyServerBuilder.forAddress(new InetSocketAddress(getServerHost(), getServerPort()));
    if (getBoolean(TLS))
    {
        final Path certificatesDir = Configuration.certificatesDirectory();
        final SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
            certificatesDir.resolve("server.pem").toFile(), certificatesDir.resolve("server.key").toFile())
            .trustManager(certificatesDir.resolve("ca.pem").toFile())
            .clientAuth(ClientAuth.REQUIRE);
        GrpcSslContexts.configure(sslClientContextBuilder);

        try
        {
            serverBuilder.sslContext(sslClientContextBuilder.build());
        }
        catch (final SSLException ex)
        {
            LangUtil.rethrowUnchecked(ex);
        }
    }
    return serverBuilder;
}
 
Example #3
Source File: ShadingTest.java    From grpc-java with Apache License 2.0 6 votes vote down vote up
@Test
public void tcnative() throws Exception {
  server = NettyServerBuilder.forPort(0)
      .useTransportSecurity(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
      .addService(new SimpleServiceImpl())
      .build().start();
  channel = NettyChannelBuilder
      .forAddress("localhost", server.getPort())
      .sslContext(
          GrpcSslContexts.configure(SslContextBuilder.forClient(), SslProvider.OPENSSL)
              .trustManager(TestUtils.loadCert("ca.pem")).build())
      .overrideAuthority("foo.test.google.fr")
      .build();
  SimpleServiceBlockingStub stub = SimpleServiceGrpc.newBlockingStub(channel);
  assertThat(SimpleResponse.getDefaultInstance())
      .isEqualTo(stub.unaryRpc(SimpleRequest.getDefaultInstance()));
}
 
Example #4
Source File: GrpcExecutionFactory.java    From buck with Apache License 2.0 6 votes vote down vote up
private static NettyChannelBuilder createSecureChannel(
    String host, int port, Optional<Path> certPath, Optional<Path> keyPath, Optional<Path> caPath)
    throws SSLException {

  SslContextBuilder contextBuilder = GrpcSslContexts.forClient();
  if (certPath.isPresent() && keyPath.isPresent()) {
    contextBuilder.keyManager(certPath.get().toFile(), keyPath.get().toFile());
  }
  if (caPath.isPresent()) {
    contextBuilder.trustManager(caPath.get().toFile());
  }

  return channelBuilder(host, port)
      .sslContext(contextBuilder.build())
      .negotiationType(NegotiationType.TLS);
}
 
Example #5
Source File: GrpcConfig.java    From flair-engine with Apache License 2.0 5 votes vote down vote up
private SslContextBuilder getSslContextBuilder() {
    log.info("Grpc config: Configuring ssl cert {} key {} trust {}",
            grpcProperties.getTls().getCertChainFile(), grpcProperties.getTls().getPrivateKeyFile(), grpcProperties.getTls().getTrustCertCollectionFile());

    SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
            new File(grpcProperties.getTls().getCertChainFile()),
            new File(grpcProperties.getTls().getPrivateKeyFile())
    );

    if (grpcProperties.getTls().getTrustCertCollectionFile() != null) {
        sslClientContextBuilder.trustManager(new File(grpcProperties.getTls().getTrustCertCollectionFile()));
        sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
    }
    return GrpcSslContexts.configure(sslClientContextBuilder, SslProvider.OPENSSL);
}
 
Example #6
Source File: ClientGrpcConfig.java    From flair-engine with Apache License 2.0 5 votes vote down vote up
private static SslContext buildSslContext(String trustCertCollectionFilePath,
                                          String clientCertChainFilePath,
                                          String clientPrivateKeyFilePath) throws SSLException {
    SslContextBuilder builder = GrpcSslContexts.forClient();
    if (trustCertCollectionFilePath != null) {
        builder.trustManager(new File(trustCertCollectionFilePath));
    }
    if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
        builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
    }
    return builder.build();
}
 
Example #7
Source File: BrokerServer.java    From gcp-token-broker with Apache License 2.0 5 votes vote down vote up
private SslContextBuilder getSslContextBuilder() {
    String certChainFilePath = AppSettings.getInstance().getString(AppSettings.TLS_CERTIFICATE_PATH);
    String privateKeyFilePath = AppSettings.getInstance().getString(AppSettings.TLS_PRIVATE_KEY_PATH);
    SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
        new File(certChainFilePath),
        new File(privateKeyFilePath));
    return GrpcSslContexts.configure(
        sslClientContextBuilder,
        SslProvider.OPENSSL);
}
 
Example #8
Source File: GrpcConfig.java    From benchmarks with Apache License 2.0 5 votes vote down vote up
public static ManagedChannel getServerChannel()
{
    final NettyChannelBuilder channelBuilder =
        NettyChannelBuilder.forAddress(getServerHost(), getServerPort());
    if (getBoolean(TLS))
    {
        final Path certificatesDir = Configuration.certificatesDirectory();
        final SslContextBuilder sslClientContextBuilder = GrpcSslContexts.forClient()
            .trustManager(certificatesDir.resolve("ca.pem").toFile())
            .keyManager(
            certificatesDir.resolve("client.pem").toFile(), certificatesDir.resolve("client.key").toFile());

        try
        {
            channelBuilder.sslContext(sslClientContextBuilder.build());
        }
        catch (final SSLException ex)
        {
            LangUtil.rethrowUnchecked(ex);
        }
    }
    else
    {
        channelBuilder.usePlaintext();
    }
    return channelBuilder.build();
}