SSLUtils.isRestSSLEnabled(config); LOG.info("Enabling ssl for the artifact server"); try { sslFactory = SSLUtils.createRestServerSSLEngineFactory(config); } catch (Exception e) { throw new IOException("Failed to initialize SSLContext for the artifact server", e);
/** * Creates a factory for SSL Server Sockets from the given configuration. * SSL Server Sockets are always part of internal communication. */ public static ServerSocketFactory createSSLServerSocketFactory(Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled"); } String[] protocols = getEnabledProtocols(config); String[] cipherSuites = getEnabledCipherSuites(config); SSLServerSocketFactory factory = sslContext.getServerSocketFactory(); return new ConfiguringSSLServerSocketFactory(factory, protocols, cipherSuites); }
private static SSLEngineFactory createSSLEngineFactory( final Configuration config, final boolean clientMode) throws Exception { final SSLContext sslContext = clientMode ? createSSLClientContext(config) : createSSLServerContext(config); checkState(sslContext != null, "%s it not enabled", SecurityOptions.SSL_ENABLED.key()); return new SSLEngineFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), clientMode); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Servers. * * @param config The application configuration. */ public static SSLHandlerFactory createRestServerSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestServerSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), false, isRestSSLAuthenticationEnabled(config), -1, -1); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Clients. * * @param config The application configuration. */ public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestClientSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), true, isRestSSLAuthenticationEnabled(config), -1, -1); }
/** * Checks whether mutual SSL authentication for the external REST endpoint is enabled. */ public static boolean isRestSSLAuthenticationEnabled(Configuration sslConfig) { checkNotNull(sslConfig, "sslConfig"); return isRestSSLEnabled(sslConfig) && sslConfig.getBoolean(SecurityOptions.SSL_REST_AUTHENTICATION_ENABLED); }
if (SSLUtils.isRestSSLEnabled(config)) { try { sslHandlerFactory = SSLUtils.createRestClientSSLEngineFactory(config); } catch (Exception e) { throw new ConfigurationException("Failed to initialize SSLContext for the REST client", e);
checkNotNull(config, "config"); if (!isRestSSLEnabled(config)) { return null; String keystoreFilePath = getAndCheckOption( config, SecurityOptions.SSL_REST_KEYSTORE, SecurityOptions.SSL_KEYSTORE); String keystorePassword = getAndCheckOption( config, SecurityOptions.SSL_REST_KEYSTORE_PASSWORD, SecurityOptions.SSL_KEYSTORE_PASSWORD); String certPassword = getAndCheckOption( config, SecurityOptions.SSL_REST_KEY_PASSWORD, SecurityOptions.SSL_KEY_PASSWORD); String trustStoreFilePath = getAndCheckOption( config, SecurityOptions.SSL_REST_TRUSTSTORE, SecurityOptions.SSL_TRUSTSTORE); String trustStorePassword = getAndCheckOption( config, SecurityOptions.SSL_REST_TRUSTSTORE_PASSWORD, SecurityOptions.SSL_TRUSTSTORE_PASSWORD);
public boolean getSSLEnabled() { return config.getBoolean(ConfigConstants.TASK_MANAGER_DATA_SSL_ENABLED, ConfigConstants.DEFAULT_TASK_MANAGER_DATA_SSL_ENABLED) && SSLUtils.getSSLEnabled(config); }
if (config.getBoolean(HistoryServerOptions.HISTORY_SERVER_WEB_SSL_ENABLED) && SSLUtils.getSSLEnabled(config)) { LOG.info("Enabling SSL for the history server."); try { this.serverSSLContext = SSLUtils.createSSLServerContext(config); } catch (Exception e) { throw new IOException("Failed to initialize SSLContext for the history server.", e);
serverSSLContext = SSLUtils.createSSLServerContext(config); } catch (Exception e) { throw new IOException("Failed to initialize SSLContext for the blob server", e); throw new IOException("Unable to allocate socket for blob server in specified port range: " + serverPortRange); } else { SSLUtils.setSSLVerAndCipherSuites(socketAttempt, config); this.serverSocket = socketAttempt;
/** * Sets SSL version and cipher suites for SSLEngine. * * @param engine SSLEngine to be handled * @param config The application configuration * @deprecated Use {@link #createClientSSLEngineFactory(Configuration)} or * {@link #createServerSSLEngineFactory(Configuration)}. */ @Deprecated public static void setSSLVerAndCipherSuites(SSLEngine engine, Configuration config) { engine.setEnabledProtocols(getEnabledProtocols(config)); engine.setEnabledCipherSuites(getEnabledCipherSuites(config)); }
public void setSSLVerAndCipherSuites(SSLEngine engine) { SSLUtils.setSSLVerAndCipherSuites(engine, config); }
public SSLContext createServerSSLContext() throws Exception { // Create SSL Context from config SSLContext serverSSLContext = null; if (getSSLEnabled()) { serverSSLContext = SSLUtils.createSSLServerContext(config); } return serverSSLContext; }
/** * Creates a factory for SSL Client Sockets from the given configuration. * SSL Client Sockets are always part of internal communication. */ public static SocketFactory createSSLClientSocketFactory(Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled"); } return sslContext.getSocketFactory(); }
@Nullable public SSLHandlerFactory createServerSSLEngineFactory() throws Exception { return getSSLEnabled() ? SSLUtils.createInternalServerSSLEngineFactory(config) : null; }
@Nullable public SSLHandlerFactory createClientSSLEngineFactory() throws Exception { return getSSLEnabled() ? SSLUtils.createInternalClientSSLEngineFactory(config) : null; }
/** * Creates a factory for SSL Server Sockets from the given configuration. * SSL Server Sockets are always part of internal communication. */ public static ServerSocketFactory createSSLServerSocketFactory(Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled"); } String[] protocols = getEnabledProtocols(config); String[] cipherSuites = getEnabledCipherSuites(config); SSLServerSocketFactory factory = sslContext.getServerSocketFactory(); return new ConfiguringSSLServerSocketFactory(factory, protocols, cipherSuites); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Servers. * * @param config The application configuration. */ public static SSLHandlerFactory createRestServerSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestServerSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), false, isRestSSLAuthenticationEnabled(config), -1, -1); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Clients. * * @param config The application configuration. */ public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestClientSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), true, isRestSSLAuthenticationEnabled(config), -1, -1); }