/**
 * Builds an {@link SslContext} from the given HTTPS connector configuration and hands it to
 * {@code registerOpenSslStats} together with the metric registry so that metrics are recorded.
 *
 * @param httpsConnectorConfig HTTPS connector configuration
 * @param metricRegistry metric registry passed to {@code registerOpenSslStats}
 * @return the newly built SslContext
 */
public static SslContext newSSLContext(HttpsConnectorConfig httpsConnectorConfig, MetricRegistry metricRegistry) {
    final SslContext context = newSSLContext(httpsConnectorConfig);
    // Registration runs only after the context was built successfully.
    registerOpenSslStats(context, metricRegistry);
    return context;
}
/**
 * Builds an {@link SslContext} from the given HTTPS connector configuration.
 *
 * <p>If {@code httpsConnectorConfig.isConfigured()} is true the builder comes from
 * {@code sslContextFromConfiguration}; otherwise it comes from
 * {@code sslContextFromSelfSignedCertificate}.
 *
 * <p>NOTE(review): the self-signed fallback is taken silently. Clients cannot validate a
 * self-signed certificate against a trust store, so an unconfigured listener is only suitable
 * for development or test use; consider logging the fallback or failing fast in production.
 *
 * @param httpsConnectorConfig HTTPS connector configuration
 * @return the built SslContext
 */
public static SslContext newSSLContext(HttpsConnectorConfig httpsConnectorConfig) {
    final SslContextBuilder contextBuilder;
    if (httpsConnectorConfig.isConfigured()) {
        contextBuilder = sslContextFromConfiguration(httpsConnectorConfig);
    } else {
        contextBuilder = sslContextFromSelfSignedCertificate(httpsConnectorConfig);
    }

    try {
        return contextBuilder.build();
    } catch (SSLException e) {
        // The checked SSLException is handed to propagate(e) and whatever it returns is thrown.
        throw propagate(e);
    }
}
/**
 * Creates a server-side {@link SslContextBuilder} backed by the certificate and private key
 * returned from {@code newSelfSignedCertificate()}.
 *
 * <p>Protocols, ciphers and the SSL provider are taken from the configuration.
 * {@code SslProvider.valueOf} throws {@link IllegalArgumentException} when the configured
 * provider name is not an enum constant.
 *
 * <p>NOTE(review): session timeout and session cache size are not applied on this path, unlike
 * the file-based configuration path - confirm that is intended.
 * NOTE(review): the defaults chosen by {@code toProtocolsOrDefault} / {@code toCiphersOrDefault}
 * are not visible here; verify they exclude legacy protocol versions and weak cipher suites.
 *
 * @param httpsConnectorConfig HTTPS connector configuration
 * @return a builder that has not been built yet
 */
private static SslContextBuilder sslContextFromSelfSignedCertificate(HttpsConnectorConfig httpsConnectorConfig) {
    final SelfSignedCertificate selfSigned = newSelfSignedCertificate();

    SslContextBuilder contextBuilder =
            SslContextBuilder.forServer(selfSigned.certificate(), selfSigned.privateKey());
    contextBuilder = contextBuilder.protocols(toProtocolsOrDefault(httpsConnectorConfig.protocols()));
    contextBuilder = contextBuilder.ciphers(toCiphersOrDefault(httpsConnectorConfig.ciphers()));
    return contextBuilder.sslProvider(SslProvider.valueOf(httpsConnectorConfig.sslProvider()));
}
/**
 * Creates an {@link SslHandler} for the given channel, using the channel's allocator.
 *
 * <p>NOTE(review): a new SslContext is built on every call. With a file-based configuration
 * that re-reads the certificate and key for each channel; with the self-signed fallback each
 * channel presumably gets a different certificate. Building the context once and reusing it
 * would avoid both - confirm whether per-call construction is intended.
 *
 * @param channel channel whose allocator backs the handler
 * @return a new SslHandler
 */
private SslHandler sslHandler(Channel channel) {
    // The cast assumes this connector was created with an HTTPS configuration.
    return newSSLContext((HttpsConnectorConfig) config).newHandler(channel.alloc());
}
/**
 * Creates a server-side {@link SslContextBuilder} from the certificate and key files named in
 * the configuration, then applies provider, ciphers, session timeout, session cache size and
 * protocols.
 *
 * <p>The session timeout is configured in milliseconds and converted to whole seconds, so any
 * sub-second remainder is truncated. {@code SslProvider.valueOf} throws
 * {@link IllegalArgumentException} when the configured provider name is not an enum constant.
 *
 * <p>NOTE(review): no key password is passed to {@code forServer}, so the private key file is
 * presumably stored unencrypted; restrict its filesystem permissions to the service account.
 * NOTE(review): the defaults chosen by {@code toProtocolsOrDefault} / {@code toCiphersOrDefault}
 * are not visible here; verify they exclude legacy protocol versions and weak cipher suites.
 *
 * @param httpsConnectorConfig HTTPS connector configuration
 * @return a builder that has not been built yet
 */
private static SslContextBuilder sslContextFromConfiguration(HttpsConnectorConfig httpsConnectorConfig) {
    final File certificateChain = new File(httpsConnectorConfig.certificateFile());
    final File privateKey = new File(httpsConnectorConfig.certificateKeyFile());

    SslContextBuilder contextBuilder = SslContextBuilder.forServer(certificateChain, privateKey);
    contextBuilder = contextBuilder.sslProvider(SslProvider.valueOf(httpsConnectorConfig.sslProvider()));
    contextBuilder = contextBuilder.ciphers(toCiphersOrDefault(httpsConnectorConfig.ciphers()));
    contextBuilder = contextBuilder.sessionTimeout(
            MILLISECONDS.toSeconds(httpsConnectorConfig.sessionTimeoutMillis()));
    contextBuilder = contextBuilder.sessionCacheSize(httpsConnectorConfig.sessionCacheSize());
    return contextBuilder.protocols(toProtocolsOrDefault(httpsConnectorConfig.protocols()));
}
/**
 * Creates a proxy connector and its per-connector collaborators.
 *
 * <p>When {@code isHttps()} is true the SslContext is built once here, with metrics
 * registration, and kept for the lifetime of the connector; otherwise no context is held.
 *
 * @param config connector configuration; must not be null
 * @param serverConfig server configuration, also the source of the maximum connection count;
 *        must not be null
 * @param metrics metric registry; must not be null
 * @param errorStatusListener HTTP error status listener; must not be null
 * @param unwiseCharacters characters handed to {@code ConfigurableUnwiseCharsEncoder}
 * @param responseEnhancer response enhancer; must not be null
 * @param requestTracking whether to use {@code CurrentRequestTracker.INSTANCE} rather than
 *        the no-op tracker
 * @throws NullPointerException if any of the arguments marked "must not be null" is null
 */
private ProxyConnector(HttpConnectorConfig config,
                       NettyServerConfig serverConfig,
                       MetricRegistry metrics,
                       HttpErrorStatusListener errorStatusListener,
                       String unwiseCharacters,
                       ResponseEnhancer responseEnhancer,
                       boolean requestTracking) {
    // Null checks run in the same order as the assignments below.
    this.responseEnhancer = requireNonNull(responseEnhancer);
    this.config = requireNonNull(config);
    this.serverConfig = requireNonNull(serverConfig);
    this.metrics = requireNonNull(metrics);
    this.httpErrorStatusListener = requireNonNull(errorStatusListener);

    this.channelStatsHandler = new ChannelStatisticsHandler(metrics);
    this.requestStatsCollector = new RequestStatsCollector(metrics.scope("requests"));
    this.excessConnectionRejector = new ExcessConnectionRejector(
            new DefaultChannelGroup(GlobalEventExecutor.INSTANCE),
            serverConfig.maxConnectionsCount());
    this.unwiseCharEncoder = new ConfigurableUnwiseCharsEncoder(unwiseCharacters);

    // The cast to HttpsConnectorConfig is only attempted when isHttps() reports true.
    this.sslContext = isHttps()
            ? Optional.of(newSSLContext((HttpsConnectorConfig) config, metrics))
            : Optional.empty();

    if (requestTracking) {
        this.requestTracker = CurrentRequestTracker.INSTANCE;
    } else {
        this.requestTracker = RequestTracker.NO_OP;
    }
}