@Test(timeout = 20000) public void testConnectWithSslToNonSslServerFails(TestContext context) throws Exception { Async async = context.async(); // Create a server that doesn't use ssl ProtonServerOptions serverOptions = new ProtonServerOptions(); serverOptions.setSsl(false); mockServer = new MockServer(vertx, conn -> { handleBridgeStartupProcess(conn, context); }, serverOptions); // Try to start the bridge and expect it to fail AmqpBridgeOptions bridgeOptions = new AmqpBridgeOptions(); bridgeOptions.setSsl(true); PfxOptions pfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD); bridgeOptions.setPfxTrustOptions(pfxOptions); AmqpBridge bridge = AmqpBridge.create(vertx, bridgeOptions); bridge.start("localhost", mockServer.actualPort(), res -> { // Expect start to fail due to remote peer not doing SSL context.assertFalse(res.succeeded(), "expected start to fail due to server not using secure transport"); async.complete(); }); async.awaitSuccess(); }
bridgeOptions.setSsl(true); PfxOptions clientPfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD); bridgeOptions.setPfxTrustOptions(clientPfxOptions);
@Test(timeout = 20000) public void testConnectWithSslSucceeds(TestContext context) throws Exception { Async async = context.async(); ProtonServerOptions serverOptions = new ProtonServerOptions(); serverOptions.setSsl(true); PfxOptions serverPfxOptions = new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD); serverOptions.setPfxKeyCertOptions(serverPfxOptions); mockServer = new MockServer(vertx, conn -> { handleBridgeStartupProcess(conn, context); }, serverOptions); // Start the bridge and verify is succeeds AmqpBridgeOptions bridgeOptions = new AmqpBridgeOptions(); bridgeOptions.setSsl(true); PfxOptions clientPfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD); bridgeOptions.setPfxTrustOptions(clientPfxOptions); AmqpBridge bridge = AmqpBridge.create(vertx, bridgeOptions); bridge.start("localhost", mockServer.actualPort(), res -> { // Expect start to succeed context.assertTrue(res.succeeded(), "expected start to suceed"); async.complete(); }); async.awaitSuccess(); }
@Test(timeout = 20000) public void testConnectWithSslToServerWithUntrustedKeyFails(TestContext context) throws Exception { Async async = context.async(); ProtonServerOptions serverOptions = new ProtonServerOptions(); serverOptions.setSsl(true); PfxOptions serverPfxOptions = new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD); serverOptions.setPfxKeyCertOptions(serverPfxOptions); mockServer = new MockServer(vertx, conn -> { handleBridgeStartupProcess(conn, context); }, serverOptions); // Try to start the bridge and expect it to fail due to not trusting the server AmqpBridgeOptions bridgeOptions = new AmqpBridgeOptions(); bridgeOptions.setSsl(true); PfxOptions pfxOptions = new PfxOptions().setPath(OTHER_CA_TRUSTSTORE).setPassword(PASSWORD); bridgeOptions.setPfxTrustOptions(pfxOptions); AmqpBridge bridge = AmqpBridge.create(vertx, bridgeOptions); bridge.start("localhost", mockServer.actualPort(), res -> { // Expect start to fail due to remote peer not being trusted context.assertFalse(res.succeeded(), "expected start to fail due to untrusted server"); async.complete(); }); async.awaitSuccess(); }
bridgeOptions.setPfxTrustOptions(pfxOptions);