io.netty.handler.ssl.SslContextBuilder Java Examples
The following examples show how to use
io.netty.handler.ssl.SslContextBuilder.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ReactorGuiceServer.java From reactor-guice with Apache License 2.0 | 7 votes |
|
public ReactorGuiceServer setHttps (File jksFile, String jksPassword, String jksSecret) {
try {
// ssl
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(jksFile), jksPassword.toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, jksSecret.toCharArray());
sslContext = SslContextBuilder.forServer(keyManagerFactory).build();
}
catch(Exception e) {
e.printStackTrace();
sslContext = null;
}
// SelfSignedCertificate cert = new SelfSignedCertificate();
// SslContextBuilder serverOptions = SslContextBuilder.forServer(cert.certificate(), cert.privateKey());
return this;
}
Example #2
| Source File: TcpSslUriHandler.java From alibaba-rsocket-broker with Apache License 2.0 | 6 votes |
|
@Override
public Optional<ClientTransport> buildClient(URI uri) {
Objects.requireNonNull(uri, "uri must not be null");
if (!SCHEME.equals(uri.getScheme())) {
return Optional.empty();
}
try {
SslContext context = SslContextBuilder
.forClient()
.protocols(protocols)
.sslProvider(getSslProvider())
.trustManager(trustManagerFactory).build();
TcpClient tcpClient = TcpClient.create()
.host(uri.getHost())
.port(uri.getPort())
.secure(ssl -> ssl.sslContext(context));
return Optional.of(TcpClientTransport.create(tcpClient));
} catch (Exception e) {
return Optional.empty();
}
}
Example #3
| Source File: MySqlConnectionConfigurationTest.java From r2dbc-mysql with Apache License 2.0 | 6 votes |
|
@Test
void sslContextBuilderCustomizer() {
String message = "Worked!";
Function<SslContextBuilder, SslContextBuilder> customizer = ignored -> {
throw new IllegalStateException(message);
};
MySqlConnectionConfiguration configuration = MySqlConnectionConfiguration.builder()
.host(HOST)
.user(USER)
.sslMode(SslMode.REQUIRED)
.sslContextBuilderCustomizer(customizer)
.build();
assertThatIllegalStateException()
.isThrownBy(() -> configuration.getSsl().customizeSslContext(SslContextBuilder.forClient()))
.withMessage(message);
}
Example #4
| Source File: SslUtil.java From hivemq-community-edition with Apache License 2.0 | 6 votes |
|
@NotNull
public SslContext createSslServerContext(@NotNull final KeyManagerFactory kmf, @Nullable final TrustManagerFactory tmFactory, @Nullable final List<String> cipherSuites, @Nullable final List<String> protocols) throws SSLException {
final SslContextBuilder sslContextBuilder = SslContextBuilder.forServer(kmf);
sslContextBuilder.sslProvider(SslProvider.JDK).trustManager(tmFactory);
if (protocols != null && !protocols.isEmpty()) {
sslContextBuilder.protocols(protocols.toArray(new String[0]));
}
//set chosen cipher suites if available
if (cipherSuites != null && cipherSuites.size() > 0) {
sslContextBuilder.ciphers(cipherSuites, SupportedCipherSuiteFilter.INSTANCE);
} else {
sslContextBuilder.ciphers(null, SupportedCipherSuiteFilter.INSTANCE);
}
return sslContextBuilder.build();
}
Example #5
| Source File: SocketSslGreetingTest.java From netty-4.1.22 with Apache License 2.0 | 6 votes |
|
@Parameters(name = "{index}: serverEngine = {0}, clientEngine = {1}")
public static Collection<Object[]> data() throws Exception {
List<SslContext> serverContexts = new ArrayList<SslContext>();
serverContexts.add(SslContextBuilder.forServer(CERT_FILE, KEY_FILE).sslProvider(SslProvider.JDK).build());
List<SslContext> clientContexts = new ArrayList<SslContext>();
clientContexts.add(SslContextBuilder.forClient().sslProvider(SslProvider.JDK).trustManager(CERT_FILE).build());
boolean hasOpenSsl = OpenSsl.isAvailable();
if (hasOpenSsl) {
serverContexts.add(SslContextBuilder.forServer(CERT_FILE, KEY_FILE)
.sslProvider(SslProvider.OPENSSL).build());
clientContexts.add(SslContextBuilder.forClient().sslProvider(SslProvider.OPENSSL)
.trustManager(CERT_FILE).build());
} else {
logger.warn("OpenSSL is unavailable and thus will not be tested.", OpenSsl.unavailabilityCause());
}
List<Object[]> params = new ArrayList<Object[]>();
for (SslContext sc: serverContexts) {
for (SslContext cc: clientContexts) {
params.add(new Object[] { sc, cc });
}
}
return params;
}
Example #6
| Source File: TelnetServer.java From tools-journey with Apache License 2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
} else {
sslCtx = null;
}
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new TelnetServerInitializer(sslCtx));
b.bind(PORT).sync().channel().closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #7
| Source File: Ssl.java From zbus-server with MIT License | 6 votes |
|
private static SslContext buildSslContext() {
try {
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient()
.sslProvider(SslProvider.JDK)
.sessionCacheSize(0)
.sessionTimeout(0);
String[] protocols = new String[] { "TLSv1.2", "TLSv1.1", "TLSv1" };
sslContextBuilder.protocols(protocols);
SslContext sslContext = sslContextBuilder.build();
return sslContext;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
Example #8
| Source File: HttpCorsServer.java From HttpProxy with MIT License | 6 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
} else {
sslCtx = null;
}
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new HttpCorsServerInitializer(sslCtx));
b.bind(PORT).sync().channel().closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #9
| Source File: TitusWebClientAddOns.java From titus-control-plane with Apache License 2.0 | 6 votes |
|
public static WebClient.Builder addTitusDefaults(WebClient.Builder clientBuilder,
boolean secure,
WebClientMetric webClientMetric) {
HttpClient httpClient = HttpClient.create();
// SSL
if (secure) {
try {
SslContext sslContext = SslContextBuilder.forClient().build();
httpClient = httpClient.secure(spec -> spec.sslContext(sslContext));
} catch (SSLException e) {
logger.error("Unable configure Docker registry client SSL context: {}", e.getMessage());
throw new RuntimeException("Error configuring SSL context", e);
}
}
return addTitusDefaults(clientBuilder, httpClient, webClientMetric);
}
Example #10
| Source File: RntbdTransportClientTest.java From azure-cosmosdb-java with MIT License | 6 votes |
|
private static RntbdTransportClient getRntbdTransportClientUnderTest(
final UserAgentContainer userAgent,
final Duration requestTimeout,
final RntbdResponse expected
) {
final RntbdTransportClient.Options options = new RntbdTransportClient.Options.Builder(requestTimeout)
.userAgent(userAgent)
.build();
final SslContext sslContext;
try {
sslContext = SslContextBuilder.forClient().build();
} catch (final Exception error) {
throw new AssertionError(String.format("%s: %s", error.getClass(), error.getMessage()));
}
return new RntbdTransportClient(new FakeEndpoint.Provider(options, sslContext, expected));
}
Example #11
| Source File: GrafanaAuth.java From timely with Apache License 2.0 | 5 votes |
|
protected SslContext createSSLContext(GrafanaAuthConfiguration config) throws Exception {
ServerSsl sslCfg = config.getSecurity().getServerSsl();
Boolean generate = sslCfg.isUseGeneratedKeypair();
SslContextBuilder ssl;
if (generate) {
LOG.warn("Using generated self signed server certificate");
Date begin = new Date();
Date end = new Date(begin.getTime() + 86400000);
SelfSignedCertificate ssc = new SelfSignedCertificate("localhost", begin, end);
ssl = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey());
} else {
String cert = sslCfg.getCertificateFile();
String key = sslCfg.getKeyFile();
String keyPass = sslCfg.getKeyPassword();
if (null == cert || null == key) {
throw new IllegalArgumentException("Check your SSL properties, something is wrong.");
}
ssl = SslContextBuilder.forServer(new File(cert), new File(key), keyPass);
}
ssl.ciphers(sslCfg.getUseCiphers());
// Can't set to REQUIRE because the CORS pre-flight requests will fail.
ssl.clientAuth(ClientAuth.OPTIONAL);
Boolean useOpenSSL = sslCfg.isUseOpenssl();
if (useOpenSSL) {
ssl.sslProvider(SslProvider.OPENSSL);
} else {
ssl.sslProvider(SslProvider.JDK);
}
String trustStore = sslCfg.getTrustStoreFile();
if (null != trustStore) {
if (!trustStore.isEmpty()) {
ssl.trustManager(new File(trustStore));
}
}
return ssl.build();
}
Example #12
| Source File: SslContextUtil.java From ext-opensource-netty with Mozilla Public License 2.0 | 5 votes |
|
public static SslContext createSSLServerContext(String sslFilePath,
String sslPassword, String sslType, String algorithmName) {
try {
KeyStore keyStore = KeyStore.getInstance(sslType);
KeyManagerFactory kmf = KeyManagerFactory
.getInstance(algorithmName);
InputStream ksInputStream = new FileInputStream(
getFileInputStream(sslFilePath));
try {
keyStore.load(ksInputStream, sslPassword.toCharArray());
kmf.init(keyStore, sslPassword.toCharArray());
} finally {
ksInputStream.close();
}
///both-client
KeyStore ts = KeyStore.getInstance(sslType);
TrustManagerFactory tf = TrustManagerFactory
.getInstance(algorithmName);
InputStream tsInputStreamx = new FileInputStream(
getFileInputStream(sslFilePath));
try {
ts.load(tsInputStreamx, sslPassword.toCharArray());
tf.init(ts);
} finally {
tsInputStreamx.close();
}
return SslContextBuilder.forServer(kmf).trustManager(tf).build();
} catch (Exception ex) {
ex.printStackTrace();
return null;
}
}
Example #13
| Source File: WebSocketServer.java From tools-journey with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
} else {
sslCtx = null;
}
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new WebSocketServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.out.println("Open your web browser and navigate to " +
(SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #14
| Source File: HttpUploadServer.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
} else {
sslCtx = null;
}
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup);
b.channel(NioServerSocketChannel.class);
b.handler(new LoggingHandler(LogLevel.INFO));
b.childHandler(new HttpUploadServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #15
| Source File: EmeraldTransport.java From etherjar with Apache License 2.0 | 5 votes |
|
/**
* Setup client certificate
*
* @param certificate x509 certificate
* @param key private key for the certificate in PKCS8 format
* @return builder
*/
public Builder clientCertificate(File certificate, File key) {
if (sslContextBuilder == null) {
sslContextBuilder = SslContextBuilder.forClient();
channelBuilder.useTransportSecurity();
}
sslContextBuilder = sslContextBuilder.keyManager(certificate, key);
return this;
}
Example #16
| Source File: ModelServerTest.java From multi-model-server with Apache License 2.0 | 5 votes |
|
private Channel connect(boolean management) {
Logger logger = LoggerFactory.getLogger(ModelServerTest.class);
final Connector connector = configManager.getListener(management);
try {
Bootstrap b = new Bootstrap();
final SslContext sslCtx =
SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.build();
b.group(Connector.newEventLoopGroup(1))
.channel(connector.getClientChannel())
.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 10000)
.handler(
new ChannelInitializer<Channel>() {
@Override
public void initChannel(Channel ch) {
ChannelPipeline p = ch.pipeline();
if (connector.isSsl()) {
p.addLast(sslCtx.newHandler(ch.alloc()));
}
p.addLast(new ReadTimeoutHandler(30));
p.addLast(new HttpClientCodec());
p.addLast(new HttpContentDecompressor());
p.addLast(new ChunkedWriteHandler());
p.addLast(new HttpObjectAggregator(6553600));
p.addLast(new TestHandler());
}
});
return b.connect(connector.getSocketAddress()).sync().channel();
} catch (Throwable t) {
logger.warn("Connect error.", t);
}
return null;
}
Example #17
| Source File: NettySslFactory.java From ambry with Apache License 2.0 | 5 votes |
|
/**
* @param config the {@link SSLConfig}
* @return a configured {@link SslContext} object for a server.
* @throws GeneralSecurityException
* @throws IOException
*/
private static SslContext getClientSslContext(SSLConfig config) throws GeneralSecurityException, IOException {
logger.info("Using {} provider for client SslContext", SslContext.defaultClientProvider());
return SslContextBuilder.forClient()
.keyManager(getKeyManagerFactory(config))
.trustManager(getTrustManagerFactory(config))
.ciphers(getCipherSuites(config))
.protocols(getEnabledProtocols(config))
.build();
}
Example #18
| Source File: HelloWorldTlsServiceTest.java From quarkus with Apache License 2.0 | 5 votes |
|
@BeforeEach
public void init() throws SSLException {
SslContextBuilder builder = GrpcSslContexts.forClient();
builder.trustManager(new File("src/main/resources/tls/ca.pem"));
SslContext context = builder.build();
channel = NettyChannelBuilder.forAddress("localhost", 9000)
.sslContext(context)
.build();
}
Example #19
| Source File: HttpSnoopServer.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new HttpSnoopServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #20
| Source File: HelloWorldServerTls.java From grpc-java with Apache License 2.0 | 5 votes |
|
private SslContextBuilder getSslContextBuilder() {
SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(new File(certChainFilePath),
new File(privateKeyFilePath));
if (trustCertCollectionFilePath != null) {
sslClientContextBuilder.trustManager(new File(trustCertCollectionFilePath));
sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
}
return GrpcSslContexts.configure(sslClientContextBuilder);
}
Example #21
| Source File: GrpcSslContexts.java From grpc-java with Apache License 2.0 | 5 votes |
|
/**
* Set ciphers and APN appropriate for gRPC. Precisely what is set is permitted to change, so if
* an application requires particular settings it should override the options set here.
*/
@CanIgnoreReturnValue
public static SslContextBuilder configure(SslContextBuilder builder, Provider jdkProvider) {
ApplicationProtocolConfig apc;
if (SUN_PROVIDER_NAME.equals(jdkProvider.getName())) {
// Jetty ALPN/NPN only supports one of NPN or ALPN
if (JettyTlsUtil.isJettyAlpnConfigured()) {
apc = ALPN;
} else if (JettyTlsUtil.isJettyNpnConfigured()) {
apc = NPN;
} else if (JettyTlsUtil.isJava9AlpnAvailable()) {
apc = ALPN;
} else {
throw new IllegalArgumentException(
SUN_PROVIDER_NAME + " selected, but Java 9+ and Jetty NPN/ALPN unavailable");
}
} else if (ConscryptLoader.isConscrypt(jdkProvider)) {
apc = ALPN;
} else {
throw new IllegalArgumentException("Unknown provider; can't configure: " + jdkProvider);
}
return builder
.sslProvider(SslProvider.JDK)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(apc)
.sslContextProvider(jdkProvider);
}
Example #22
| Source File: EchoClient.java From blog with BSD 2-Clause "Simplified" License | 5 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.git
final SslContext sslCtx;
if (SSL) {
sslCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
} else {
sslCtx = null;
}
// Configure the client.
EventLoopGroup group = new NioEventLoopGroup();
try {
Bootstrap b = new Bootstrap();
b.group(group)
.channel(NioSocketChannel.class)
.option(ChannelOption.TCP_NODELAY, true)
.handler(new ChannelInitializer<SocketChannel>() {
@Override
public void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
if (sslCtx != null) {
p.addLast(sslCtx.newHandler(ch.alloc(), HOST, PORT));
}
//p.addLast(new LoggingHandler(LogLevel.INFO));
p.addLast(new EchoClientHandler());
}
});
// Start the client.
ChannelFuture f = b.connect(HOST, PORT).sync();
// Wait until the connection is closed.
f.channel().closeFuture().sync();
} finally {
// Shut down the event loop to terminate all threads.
group.shutdownGracefully();
}
}
Example #23
| Source File: Http2ConnectionInfoTests.java From reactor-netty with Apache License 2.0 | 5 votes |
|
@Override
protected HttpServer customizeServerOptions(HttpServer httpServer) {
try {
SslContext ctx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
return httpServer.protocol(HttpProtocol.H2)
.secure(ssl -> ssl.sslContext(ctx));
}
catch (SSLException e) {
throw new RuntimeException(e);
}
}
Example #24
| Source File: SslClientInitializer.java From nomulus with Apache License 2.0 | 5 votes |
|
@Override
protected void initChannel(C channel) throws Exception {
checkNotNull(hostProvider.apply(channel), "Cannot obtain SSL host for channel: %s", channel);
checkNotNull(portProvider.apply(channel), "Cannot obtain SSL port for channel: %s", channel);
SslContextBuilder sslContextBuilder =
SslContextBuilder.forClient()
.sslProvider(sslProvider)
.trustManager(
trustedCertificates == null || trustedCertificates.isEmpty()
? null
: trustedCertificates.toArray(new X509Certificate[0]));
if (privateKeySupplier != null && certificateChainSupplier != null) {
sslContextBuilder.keyManager(
privateKeySupplier.get(), certificateChainSupplier.get().toArray(new X509Certificate[0]));
}
SslHandler sslHandler =
sslContextBuilder
.build()
.newHandler(channel.alloc(), hostProvider.apply(channel), portProvider.apply(channel));
// Enable hostname verification.
SSLEngine sslEngine = sslHandler.engine();
SSLParameters sslParameters = sslEngine.getSSLParameters();
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
sslEngine.setSSLParameters(sslParameters);
channel.pipeline().addLast(sslHandler);
}
Example #25
| Source File: ZalySSLContext.java From openzaly with Apache License 2.0 | 5 votes |
|
public static SslContext getSSLContext() {
try {
if (sslContext == null) {
sslContext = SslContextBuilder.forClient().trustManager(ZalyTrustManagerFactory.INSTANCE).build();
}
} catch (Exception e) {
throw new Error("Failed to initialize platform SSLContext", e);
}
return sslContext;
}
Example #26
| Source File: TcpSecureMetricsTests.java From reactor-netty with Apache License 2.0 | 5 votes |
|
@Override
protected TcpClient customizeClientOptions(TcpClient tcpClient) {
try {
SslContext ctx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.sslProvider(SslProvider.JDK)
.build();
return tcpClient.secure(ssl -> ssl.sslContext(ctx)).wiretap(true);
}
catch (SSLException e) {
throw new RuntimeException(e);
}
}
Example #27
| Source File: TcpSecureMetricsTests.java From reactor-netty with Apache License 2.0 | 5 votes |
|
@Override
protected TcpServer customizeServerOptions(TcpServer tcpServer) {
try {
SslContext ctx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(SslProvider.JDK)
.build();
return tcpServer.secure(ssl -> ssl.sslContext(ctx)).wiretap(true);
}
catch (SSLException e) {
throw new RuntimeException(e);
}
}
Example #28
| Source File: GrpcEngine.java From saluki with Apache License 2.0 | 5 votes |
|
private SslContext buildServerSslContext() {
try {
InputStream certs = SslUtil.loadInputStreamCert("server.pem");
InputStream keys = SslUtil.loadInputStreamCert("server_pkcs8.key");
return GrpcSslContexts.configure(SslContextBuilder.forServer(certs, keys)).build();
} catch (SSLException e) {
throw new RpcFrameworkException(e);
}
}
Example #29
| Source File: WebSocketClientIT.java From timely with Apache License 2.0 | 5 votes |
|
private void setupSslCtx() throws Exception {
Assert.assertNotNull(clientTrustStoreFile);
SslContextBuilder builder = SslContextBuilder.forClient();
builder.applicationProtocolConfig(ApplicationProtocolConfig.DISABLED);
builder.sslProvider(SslProvider.JDK);
builder.trustManager(clientTrustStoreFile); // Trust the server cert
SslContext ctx = builder.build();
Assert.assertTrue(ctx.isClient());
Assert.assertTrue(ctx instanceof JdkSslContext);
JdkSslContext jdk = (JdkSslContext) ctx;
sslCtx = jdk.context();
}
Example #30
| Source File: HelloWorldMutualTlsServiceTest.java From quarkus with Apache License 2.0 | 5 votes |
|
@BeforeEach
public void init() throws SSLException {
SslContextBuilder builder = GrpcSslContexts.forClient();
builder.trustManager(new File("src/main/resources/tls/ca.pem"));
builder.keyManager(new File("src/main/resources/tls/client.pem"),
new File("src/main/resources/tls/client.key"));
SslContext context = builder.build();
channel = NettyChannelBuilder.forAddress("localhost", 9000)
.sslContext(context)
.build();
}
