trustStoreFactory.setPassword(truststorePassword); final SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyManagerFactoryKeyStore(ks); sslContextFactory.setTrustManagerFactoryKeyStore(ts); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keystorePassword); sslContext = sslContextFactory.newInstance(); log.debug("SSL provider is: {}", sslContext.getProvider());
@Resource(name = "securityContext") public void setSecurityContext(SecurityContext securityContext) { vhostKeySelector = new VirtualHostKeySelector(); try { vhostKeySelector.init(securityContext.getKeyStore(), securityContext.getKeyStorePassword()); } catch (KeyStoreException e) { throw new RuntimeException(e); } try { sslContextFactory = new SslContextFactory(); sslContextFactory.setTrustManagerFactoryKeyStore(securityContext.getTrustStore()); //sslContextFactory.setTrustManagerFactoryKeyStorePassword(trustStorePassword); char[] keyStorePassword = securityContext.getKeyStorePassword(); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keyStorePassword == null ? null : new String(keyStorePassword)); sslContextFactory.setKeyManagerFactoryKeyStore(securityContext.getKeyStore()); // Create a new SslProvider to select certificates based on // various key selection criteria KeyManagerFactory kmf = KeyManagerFactory.getInstance("SslTransport", new SslProvider()); sslContextFactory.setKeyManagerFactory(kmf); // avoid caching SSLSession in shared SSLContextFactory instance // Note: SSLSessionContext.setSessionCacheSize(0) means unlimited, // so we use 1 instead sslContextFactory.setClientSessionCacheSize(1); } catch (NoSuchAlgorithmException ne) { throw new RuntimeException(ne); } }
@Resource(name = "securityContext") public void setSecurityContext(SecurityContext securityContext) { vhostKeySelector = new VirtualHostKeySelector(); try { vhostKeySelector.init(securityContext.getKeyStore(), securityContext.getKeyStorePassword()); } catch (KeyStoreException e) { throw new RuntimeException(e); } try { sslContextFactory = new SslContextFactory(); sslContextFactory.setTrustManagerFactoryKeyStore(securityContext.getTrustStore()); //sslContextFactory.setTrustManagerFactoryKeyStorePassword(trustStorePassword); char[] keyStorePassword = securityContext.getKeyStorePassword(); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keyStorePassword == null ? null : new String(keyStorePassword)); sslContextFactory.setKeyManagerFactoryKeyStore(securityContext.getKeyStore()); // Create a new SslProvider to select certificates based on // various key selection criteria KeyManagerFactory kmf = KeyManagerFactory.getInstance("SslTransport", new SslProvider()); sslContextFactory.setKeyManagerFactory(kmf); // avoid caching SSLSession in shared SSLContextFactory instance // Note: SSLSessionContext.setSessionCacheSize(0) means unlimited, // so we use 1 instead sslContextFactory.setServerSessionCacheSize(1); } catch (NoSuchAlgorithmException ne) { throw new RuntimeException(ne); } }
@Override protected void init() { super.init(); try { sslContext = sslContextFactory.newInstance(); } catch (Exception e) { logger.error("Exception while creating SSL context: ", e); } certificateSelection = new SslCertificateSelectionFilter(true); }
@Override protected void init() { super.init(); try { sslContext = sslContextFactory.newInstance(); } catch (UnrecoverableKeyException uke) { // Catch these exceptions separately, so that we can throw // a RuntimeException and cause the Gateway to not start up. // The likely cause is that the keystore contains keys that // are encrypted using a passphrase which differs from the // passphrase protecting the keystore itself (see KG-6925). throw new RuntimeException("Unable to load necessary certificate keys from keystore; perhaps your keys are protected by passwords that are different from the keystore password?", uke); } catch (Exception e) { logger.error("Exception while creating SSL context: ", e); } certificateSelection = new SslCertificateSelectionFilter(false); }
if (keyStore.exists() && trustStore.exists()) { final SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyManagerFactoryKeyStore(ks); sslContextFactory.setTrustManagerFactoryKeyStore(ts); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keystorePassword); sslContext = sslContextFactory.newInstance(); log.debug("SSL provider: {}", sslContext.getProvider());
final SSLContext sslContext = sslFactory.newInstance (); if ( startInactive )
final SslContextFactory factory = new SslContextFactory (); trustStoreFactory.setPassword ( trustStorePassword ); factory.setKeyManagerFactoryKeyStore ( keyStoreFactory.newInstance () ); factory.setTrustManagerFactoryKeyStore ( trustStoreFactory.newInstance () ); factory.setKeyManagerFactoryKeyStorePassword ( keyPassword );
final SSLContext sslContext = sslFactory.newInstance (); if ( startInactive )
final SslContextFactory factory = new SslContextFactory (); trustStoreFactory.setPassword ( trustStorePassword ); factory.setKeyManagerFactoryKeyStore ( keyStoreFactory.newInstance () ); factory.setTrustManagerFactoryKeyStore ( trustStoreFactory.newInstance () ); factory.setKeyManagerFactoryKeyStorePassword ( keyPassword );