// Excerpt: resolves the trust-store and key-store settings from sslConfig, falling
// back to the standard javax.net.ssl.* system properties or to masterPassword, and
// then copies the SSL settings onto sslParams. Some statements of the original
// method are not part of this listing.
// The next expression has no visible left-hand side; its assignment target is cut off.
sslConfig.getTrustStoreType() == null ? System.getProperty("javax.net.ssl.trustStoreType", "JKS") : sslConfig.getTrustStoreType();
// Trust-store password: the configured value, or masterPassword when none is configured.
String trustStorePwd = sslConfig.getTrustStorePassword() == null ? masterPassword : sslConfig.getTrustStorePassword();
// NOTE(review): System.getProperty returns null when javax.net.ssl.trustStore is unset,
// and new File((String) null) then throws NullPointerException.
File trustStore = sslConfig.getTrustStore() == null ? new File(System.getProperty("javax.net.ssl.trustStore")) : new File(sslConfig.getTrustStore());
// NOTE(review): the null check reads getTrustStoreType() but the value taken is
// getKeyStoreType(). With a trust-store type configured and no key-store type, the
// result is null instead of the javax.net.ssl.keyStoreType / "JKS" default. The check
// looks like it should be on getKeyStoreType(). The assignment target is not visible;
// presumably it is the keyStoreType used further down — confirm.
sslConfig.getTrustStoreType() == null ? System.getProperty("javax.net.ssl.keyStoreType", "JKS") : sslConfig.getKeyStoreType();
// NOTE(review): same mismatch for the password. The condition tests
// getTrustStorePassword(), so a configured key-store password is replaced by
// masterPassword whenever the trust-store password is absent, and keyStorePwd is null
// when only the trust-store password is configured.
String keyStorePwd = sslConfig.getTrustStorePassword() == null ? masterPassword : sslConfig.getKeyStorePassword();
// NOTE(review): same mismatch for the path. The condition tests getTrustStore(), so
// new File(sslConfig.getKeyStore()) receives null (NullPointerException) when a trust
// store is configured without a key store; the system-property branch also throws if
// javax.net.ssl.keyStore is unset.
File keyStore = sslConfig.getTrustStore() == null ? new File(System.getProperty("javax.net.ssl.keyStore")) : new File(sslConfig.getKeyStore());
// Copy trust, certificate, revocation and client-authentication settings unchanged.
sslParams.setTrustAlgorithm(sslConfig.getTrustAlgorithm());
sslParams.setCertNickname(sslConfig.getCertNickname());
sslParams.setCrlFile(sslConfig.getCrlFile());
sslParams.setClientAuthEnabled(sslConfig.getClientAuthEnabled());
sslParams.setClientAuth(sslConfig.getClientAuth());
sslParams.setKeyAlgorithm(sslConfig.getKeyAlgorithm());
// Key-store location, password and type come from the values resolved above, so the
// mismatched null checks flagged there flow straight into sslParams.
sslParams.setKeyStore(keyStore.getAbsolutePath());
sslParams.setKeyStorePassword(keyStorePwd);
sslParams.setKeyStoreType(keyStoreType);
// Protocol flags and cipher lists are copied as configured. The SSLv2/SSLv3 switches
// are passed through without any check in this excerpt.
sslParams.setSsl2Ciphers(sslConfig.getSsl2Ciphers());
sslParams.setSsl2Enabled(sslConfig.getSsl2Enabled());
sslParams.setSsl3Enabled(sslConfig.getSsl3Enabled());
sslParams.setSsl3TlsCiphers(sslConfig.getSsl3TlsCiphers());
sslParams.setTlsEnabled(sslConfig.getTlsEnabled());
/**
 * Tells whether the given SSL configuration makes a client certificate mandatory.
 *
 * <p>That is the case when the {@code client-auth-enabled} flag parses as
 * {@code true}, or when the {@code client-auth} value is {@code "need"}
 * (compared case-insensitively after trimming).
 *
 * @param ssl the SSL configuration to inspect; must not be {@code null}
 * @return {@code true} if client authentication is required
 */
private static boolean isNeedClientAuth(final Ssl ssl) {
    final boolean enabledFlag = Boolean.parseBoolean(ssl.getClientAuthEnabled());
    if (!enabledFlag) {
        // The flag is off or absent: fall back to the textual client-auth mode.
        final String mode = ssl.getClientAuth();
        if (mode == null) {
            return false;
        }
        return mode.trim().equalsIgnoreCase("need");
    }
    return true;
}
// Excerpt: builds an SSLContext by handing key-store, trust-store and revocation
// settings to the SSL implementation's ServerSocketFactory. The closing braces of the
// guards below are not part of this listing.
final ServerSocketFactory serverSF = getSslImplementation().getServerSocketFactory();
if (ssl != null) {
    // Optional settings are only applied when they are configured.
    if (ssl.getCrlFile() != null) {
        setAttribute(serverSF, "crlFile", ssl.getCrlFile(), null, null);
    if (ssl.getTrustAlgorithm() != null) {
        setAttribute(serverSF, "truststoreAlgorithm", ssl.getTrustAlgorithm(), null, null);
    if (ssl.getKeyAlgorithm() != null) {
        setAttribute(serverSF, "algorithm", ssl.getKeyAlgorithm(), null, null);
    setAttribute(serverSF, "trustMaxCertLength", ssl.getTrustMaxCertLength(), null, null);
// NOTE(review): setAttribute is defined outside this excerpt. Its fourth argument looks
// like a system-property name to fall back to and its fifth like a literal default —
// confirm against the helper.
setAttribute(serverSF, "keystore", ssl != null ? ssl.getKeyStore() : null, "javax.net.ssl.keyStore", null);
setAttribute(serverSF, "keystoreType", ssl != null ? ssl.getKeyStoreType() : null, "javax.net.ssl.keyStoreType", "JKS");
// NOTE(review): if the last argument is a default, a listener with no configured
// password and no javax.net.ssl.keyStorePassword property ends up using the well-known
// "changeit". Failing on a missing password would be safer than defaulting to it.
setAttribute(serverSF, "keystorePass", ssl != null ? getKeyStorePassword(ssl) : null, "javax.net.ssl.keyStorePassword", "changeit");
setAttribute(serverSF, "truststore", ssl != null ? ssl.getTrustStore() : null, "javax.net.ssl.trustStore", null);
setAttribute(serverSF, "truststoreType", ssl != null ? ssl.getTrustStoreType() : null, "javax.net.ssl.trustStoreType", "JKS");
// Same "changeit" fallback concern as for keystorePass.
setAttribute(serverSF, "truststorePass", ssl != null ? getTrustStorePassword(ssl) : null, "javax.net.ssl.trustStorePassword", "changeit");
// The certificate nickname selects the key alias; null when there is no SSL config.
serverSF.setAttribute("keyAlias", ssl != null ? ssl.getCertNickname() : null);
// Initialise the factory with the attributes above and keep the resulting context.
serverSF.init();
newSslContext = serverSF.getSSLContext();
// Excerpt: collects the protocol names to enable from the per-protocol flags of the
// SSL configuration, then reads the configured cipher lists. The closing braces of the
// guards are not part of this listing.
// NOTE(review): SSLv2 and SSLv3 are obsolete (RFC 6176 prohibits SSL 2.0, RFC 7568
// deprecates SSLv3), and TLS 1.0/1.1 are deprecated by RFC 8996. Each is enabled here
// purely on its flag being "true"; deployments should keep these flags off.
if (Boolean.parseBoolean(ssl.getSsl2Enabled())) {
    tmpSSLArtifactsList.add("SSLv2");
if (Boolean.parseBoolean(ssl.getSsl3Enabled())) {
    tmpSSLArtifactsList.add("SSLv3");
if (Boolean.parseBoolean(ssl.getTlsEnabled())) {
    tmpSSLArtifactsList.add("TLSv1");
if (Boolean.parseBoolean(ssl.getTls11Enabled())) {
    tmpSSLArtifactsList.add("TLSv1.1");
if (Boolean.parseBoolean(ssl.getTls12Enabled())) {
    tmpSSLArtifactsList.add("TLSv1.2");
// SSLv2Hello is added whenever SSLv3 or TLSv1 is on; the TLS 1.1/1.2 flags alone do
// not add it.
if (Boolean.parseBoolean(ssl.getSsl3Enabled()) || Boolean.parseBoolean(ssl.getTlsEnabled())) {
    tmpSSLArtifactsList.add("SSLv2Hello");
// Cipher lists are comma-separated strings; empty or missing lists are skipped.
// NOTE(review): split(",") keeps surrounding whitespace in each entry; whether the
// entries are trimmed afterwards is not visible here — confirm.
final String ssl3Ciphers = ssl.getSsl3TlsCiphers();
if (ssl3Ciphers != null && ssl3Ciphers.length() > 0) {
    final String[] ssl3CiphersArray = ssl3Ciphers.split(",");
final String ssl2Ciphers = ssl.getSsl2Ciphers();
if (ssl2Ciphers != null && ssl2Ciphers.length() > 0) {
    final String[] ssl2CiphersArray = ssl2Ciphers.split(",");
// Excerpt: derives the protocol switches from an Ssl configuration and passes them,
// with the certificate nickname and cipher lists, to init(). The opening of the first
// branch and the closing braces are not part of this listing.
// Boolean.valueOf(String) yields false for null or any text other than "true".
boolean ssl2Enabled = Boolean.valueOf(ssl.getSsl2Enabled());
boolean tlsEnabled = Boolean.valueOf(ssl.getTlsEnabled());
boolean ssl3Enabled = Boolean.valueOf(ssl.getSsl3Enabled());
// NOTE(review): only the SSLv2, SSLv3 and TLS switches reach init() in this call; no
// TLS 1.1/1.2 setting is passed here. SSLv2/SSLv3 are obsolete and should stay off.
sslInfo = init(ssl.getCertNickname(), ssl2Enabled, ssl.getSsl2Ciphers(), ssl3Enabled, ssl.getSsl3TlsCiphers(), tlsEnabled);
} else {
    // Other branch: use the outbound (client-side) SSL configuration of the IIOP bean.
    // NOTE(review): getSslClientConfig() is dereferenced without a null check; only the
    // Ssl it returns is checked.
    Ssl outboundSsl = iiopBean.getSslClientConfig().getSsl();
    if (outboundSsl != null) {
        boolean ssl2Enabled = Boolean.valueOf(outboundSsl.getSsl2Enabled());
        boolean ssl3Enabled = Boolean.valueOf(outboundSsl.getSsl3Enabled());
        boolean tlsEnabled = Boolean.valueOf(outboundSsl.getTlsEnabled());
        // Same argument order as the call above, stored as the client-side SSL info.
        clientSslInfo = init(outboundSsl.getCertNickname(), ssl2Enabled, outboundSsl.getSsl2Ciphers(), ssl3Enabled, outboundSsl.getSsl3TlsCiphers(), tlsEnabled);
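/**
 * Finds the port of the first configured IIOP listener that matches the requested
 * transport mechanism.
 *
 * <ul>
 *   <li>{@code "SSL"}: a security-enabled listener with an SSL element whose
 *       {@code client-auth-enabled} flag is not {@code true};</li>
 *   <li>{@code "SSL_MUTUALAUTH"}: a security-enabled listener with an SSL element
 *       whose {@code client-auth-enabled} flag is {@code true};</li>
 *   <li>any other value: a listener that is not security-enabled.</li>
 * </ul>
 *
 * <p>Mechanism names are compared case-insensitively. A missing (null)
 * {@code security-enabled} or {@code client-auth-enabled} attribute is treated as
 * {@code false} rather than raising a {@link NullPointerException}.
 *
 * <p>NOTE(review): only {@code client-auth-enabled} is consulted. A listener that
 * demands client certificates through {@code client-auth="need"} alone is classified
 * as plain SSL here — confirm that this is intended.
 *
 * @param mech the mechanism name; must not be {@code null}
 * @return the matching listener's port, or {@code -1} when no listener matches
 * @throws NumberFormatException if the matching listener's port is not a number
 */
private int getServerPort(String mech) {
    List<IiopListener> listenersList = IIOPUtils.getInstance().getIiopService().getIiopListener();
    // Iterate over a copy, as the original did, so the loop works on a fixed snapshot.
    IiopListener[] snapshot = listenersList.toArray(new IiopListener[0]);
    for (IiopListener listener : snapshot) {
        // parseBoolean is true only for a non-null, case-insensitive "true".
        final boolean secure = Boolean.parseBoolean(listener.getSecurityEnabled());
        final boolean matches;
        if (mech.equalsIgnoreCase("SSL")) {
            matches = secure
                    && listener.getSsl() != null
                    && !Boolean.parseBoolean(listener.getSsl().getClientAuthEnabled());
        } else if (mech.equalsIgnoreCase("SSL_MUTUALAUTH")) {
            matches = secure
                    && listener.getSsl() != null
                    && Boolean.parseBoolean(listener.getSsl().getClientAuthEnabled());
        } else {
            // Any other mechanism name selects a clear-text listener.
            matches = !secure;
        }
        if (matches) {
            return Integer.parseInt(listener.getPort());
        }
    }
    return -1;
}
} // closes the enclosing scope, whose opening is not part of this excerpt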
/**
 * Tells whether the given SSL configuration requests, without requiring, a client
 * certificate.
 *
 * <p>That is the case when the {@code client-auth} value is {@code "want"}
 * (compared case-insensitively after trimming).
 *
 * @param ssl the SSL configuration to inspect; must not be {@code null}
 * @return {@code true} if client authentication is wanted
 */
private static boolean isWantClientAuth(final Ssl ssl) {
    final String mode = ssl.getClientAuth();
    if (mode == null) {
        // No client-auth mode configured.
        return false;
    }
    return mode.trim().equalsIgnoreCase("want");
}
// Excerpt: builds an SSLContext by handing key-store, trust-store and revocation
// settings to the SSL implementation's ServerSocketFactory. The closing braces of the
// guards below are not part of this listing.
final ServerSocketFactory serverSF = getSslImplementation().getServerSocketFactory();
if (ssl != null) {
    // Optional settings are only applied when they are configured.
    if (ssl.getCrlFile() != null) {
        setAttribute(serverSF, "crlFile", ssl.getCrlFile(), null, null);
    if (ssl.getTrustAlgorithm() != null) {
        setAttribute(serverSF, "truststoreAlgorithm", ssl.getTrustAlgorithm(), null, null);
    if (ssl.getKeyAlgorithm() != null) {
        setAttribute(serverSF, "algorithm", ssl.getKeyAlgorithm(), null, null);
    setAttribute(serverSF, "trustMaxCertLength", ssl.getTrustMaxCertLength(), null, null);
// NOTE(review): setAttribute is defined outside this excerpt. Its fourth argument looks
// like a system-property name to fall back to and its fifth like a literal default —
// confirm against the helper.
setAttribute(serverSF, "keystore", ssl != null ? ssl.getKeyStore() : null, "javax.net.ssl.keyStore", null);
setAttribute(serverSF, "keystoreType", ssl != null ? ssl.getKeyStoreType() : null, "javax.net.ssl.keyStoreType", "JKS");
// NOTE(review): if the last argument is a default, a listener with no configured
// password and no javax.net.ssl.keyStorePassword property ends up using the well-known
// "changeit". Failing on a missing password would be safer than defaulting to it.
setAttribute(serverSF, "keystorePass", ssl != null ? getKeyStorePassword(ssl) : null, "javax.net.ssl.keyStorePassword", "changeit");
setAttribute(serverSF, "truststore", ssl != null ? ssl.getTrustStore() : null, "javax.net.ssl.trustStore", null);
setAttribute(serverSF, "truststoreType", ssl != null ? ssl.getTrustStoreType() : null, "javax.net.ssl.trustStoreType", "JKS");
// Same "changeit" fallback concern as for keystorePass.
setAttribute(serverSF, "truststorePass", ssl != null ? getTrustStorePassword(ssl) : null, "javax.net.ssl.trustStorePassword", "changeit");
// The certificate nickname selects the key alias; null when there is no SSL config.
serverSF.setAttribute("keyAlias", ssl != null ? ssl.getCertNickname() : null);
// Initialise the factory with the attributes above and keep the resulting context.
serverSF.init();
newSslContext = serverSF.getSSLContext();
// Excerpt: collects the protocol names to enable from the per-protocol flags of the
// SSL configuration, then reads the configured cipher lists. The closing braces of the
// guards are not part of this listing.
// NOTE(review): SSLv2 and SSLv3 are obsolete (RFC 6176 prohibits SSL 2.0, RFC 7568
// deprecates SSLv3), and TLS 1.0/1.1 are deprecated by RFC 8996. Each is enabled here
// purely on its flag being "true"; deployments should keep these flags off.
if (Boolean.parseBoolean(ssl.getSsl2Enabled())) {
    tmpSSLArtifactsList.add("SSLv2");
if (Boolean.parseBoolean(ssl.getSsl3Enabled())) {
    tmpSSLArtifactsList.add("SSLv3");
if (Boolean.parseBoolean(ssl.getTlsEnabled())) {
    tmpSSLArtifactsList.add("TLSv1");
if (Boolean.parseBoolean(ssl.getTls11Enabled())) {
    tmpSSLArtifactsList.add("TLSv1.1");
if (Boolean.parseBoolean(ssl.getTls12Enabled())) {
    tmpSSLArtifactsList.add("TLSv1.2");
// SSLv2Hello is added whenever SSLv3 or TLSv1 is on; the TLS 1.1/1.2 flags alone do
// not add it.
if (Boolean.parseBoolean(ssl.getSsl3Enabled()) || Boolean.parseBoolean(ssl.getTlsEnabled())) {
    tmpSSLArtifactsList.add("SSLv2Hello");
// Cipher lists are comma-separated strings; empty or missing lists are skipped.
// NOTE(review): split(",") keeps surrounding whitespace in each entry; whether the
// entries are trimmed afterwards is not visible here — confirm.
final String ssl3Ciphers = ssl.getSsl3TlsCiphers();
if (ssl3Ciphers != null && ssl3Ciphers.length() > 0) {
    final String[] ssl3CiphersArray = ssl3Ciphers.split(",");
final String ssl2Ciphers = ssl.getSsl2Ciphers();
if (ssl2Ciphers != null && ssl2Ciphers.length() > 0) {
    final String[] ssl2CiphersArray = ssl2Ciphers.split(",");
/**
 * Reports whether a client certificate is mandatory under the given SSL
 * configuration.
 *
 * <p>Either the {@code client-auth-enabled} flag parses as {@code true}, or the
 * {@code client-auth} value, trimmed and compared case-insensitively, is
 * {@code "need"}.
 *
 * @param ssl the SSL configuration to inspect; must not be {@code null}
 * @return {@code true} if client authentication is required
 */
private static boolean isNeedClientAuth(final Ssl ssl) {
    final boolean flagSet = Boolean.parseBoolean(ssl.getClientAuthEnabled());
    if (flagSet) {
        return true;
    }
    // Flag off or absent: the textual mode decides.
    final String clientAuthMode = ssl.getClientAuth();
    return clientAuthMode == null ? false : clientAuthMode.trim().equalsIgnoreCase("need");
}
// Tail of a statement whose beginning is cut off; the visible part reads the
// listener's client-auth-enabled setting.
sslBean.getClientAuthEnabled() ) ;
// Choose the acceptor type: mutual authentication when clientAuth is true, plain SSL
// otherwise.
// NOTE(review): presumably clientAuth is derived from client-auth-enabled only, so a
// client-auth="need" setting would not select SSL_MUTUALAUTH here — confirm.
String type = clientAuth ? SSL_MUTUALAUTH : SSL ;
addAcceptor( orb, isLazy, host, type, port ) ;
/**
 * Reports whether a client certificate is requested, but not required, under the
 * given SSL configuration.
 *
 * <p>True when the {@code client-auth} value, trimmed and compared
 * case-insensitively, is {@code "want"}.
 *
 * @param ssl the SSL configuration to inspect; must not be {@code null}
 * @return {@code true} if client authentication is wanted
 */
private static boolean isWantClientAuth(final Ssl ssl) {
    final String clientAuthMode = ssl.getClientAuth();
    return clientAuthMode == null ? false : clientAuthMode.trim().equalsIgnoreCase("want");
}