public static SSLContext createSslContext(boolean allowInsecureConnection, String trustCertsFilePath, String certFilePath, String keyFilePath) throws GeneralSecurityException { X509Certificate[] trustCertificates = loadCertificatesFromPemFile(trustCertsFilePath); X509Certificate[] certificates = loadCertificatesFromPemFile(certFilePath); PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath); return createSslContext(allowInsecureConnection, trustCertificates, certificates, privateKey); }
public static SslContext createNettySslContext(boolean allowInsecureConnection, String trustCertsFilePath, String certFilePath, String keyFilePath) throws GeneralSecurityException, SSLException, FileNotFoundException { X509Certificate[] certificates = loadCertificatesFromPemFile(certFilePath); PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath); return createNettySslContext(allowInsecureConnection, trustCertsFilePath, certificates, privateKey); }
public AuthenticationDataTls(String certFilePath, String keyFilePath) throws KeyManagementException { if (certFilePath == null) { throw new IllegalArgumentException("certFilePath must not be null"); } if (keyFilePath == null) { throw new IllegalArgumentException("keyFilePath must not be null"); } certificates = SecurityUtility.loadCertificatesFromPemFile(certFilePath); privateKey = SecurityUtility.loadPrivateKeyFromPemFile(keyFilePath); }
.loadCertificatesFromPemFile(pulsarConfig.getTlsTrustCertsFilePath()); sslCtx = SecurityUtility.createSslContext(pulsarConfig.isTlsAllowInsecureConnection(), trustCertificates, authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createSslContext(pulsarConfig.isTlsAllowInsecureConnection(), trustCertificates);
public static SSLContext createSslContext(boolean allowInsecureConnection, Certificate[] trustCertificates) throws GeneralSecurityException { return createSslContext(allowInsecureConnection, trustCertificates, (Certificate[]) null, (PrivateKey) null); }
public static SslContext createNettySslContext(boolean allowInsecureConnection, String trustCertsFilePath) throws GeneralSecurityException, SSLException, FileNotFoundException { return createNettySslContext(allowInsecureConnection, trustCertsFilePath, (Certificate[]) null, (PrivateKey) null); }
public ServerManager(ServiceConfig config) { this.webServiceExecutor = Executors.newFixedThreadPool(32, new DefaultThreadFactory("pulsar-external-web")); this.server = new Server(new ExecutorThreadPool(webServiceExecutor)); this.externalServicePort = config.getWebServicePort(); List<ServerConnector> connectors = Lists.newArrayList(); ServerConnector connector = new ServerConnector(server, 1, 1); connector.setPort(externalServicePort); connectors.add(connector); if (config.isTlsEnabled()) { SslContextFactory sslCtxFactory = new SslContextFactory(); try { SSLContext sslCtx = SecurityUtility.createSslContext(false, null, config.getTlsCertificateFilePath(), config.getTlsKeyFilePath()); sslCtxFactory.setSslContext(sslCtx); } catch (GeneralSecurityException e) { throw new RestException(e); } sslCtxFactory.setWantClientAuth(false); ServerConnector tlsConnector = new ServerConnector(server, 1, 1, sslCtxFactory); tlsConnector.setPort(config.getWebServicePortTls()); connectors.add(tlsConnector); } // Limit number of concurrent HTTP connections to avoid getting out of file descriptors connectors.stream().forEach(c -> c.setAcceptQueueSize(1024 / connectors.size())); server.setConnectors(connectors.toArray(new ServerConnector[connectors.size()])); }
sslCtx = SecurityUtility.createNettySslContext(tlsAllowInsecureConnection, tlsTrustCertsFilePath, authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { sslCtx = SecurityUtility.createNettySslContext(tlsAllowInsecureConnection, tlsTrustCertsFilePath);
SecurityUtility.createSslContext( pulsar.getConfiguration().isTlsAllowInsecureConnection(), pulsar.getConfiguration().getTlsTrustCertsFilePath(),