@Override public HttpServerOptions setSsl(boolean ssl) { super.setSsl(ssl); return this; }
options.setUsePooledBuffers(usePooledBuffers); options.setIdleTimeout(idleTimeout); options.setSsl(ssl); options.setKeyStoreOptions(keyStoreOptions); options.setTrustStoreOptions(trustStoreOptions);
@Override public void start() throws Exception { NetServerOptions options = new NetServerOptions() .setSsl(true).setKeyStoreOptions(new JksOptions().setPath("server-keystore.jks").setPassword("wibble")); vertx.createNetServer(options).connectHandler(sock -> { // Create a pump Pump.pump(sock, sock).start(); }).listen(1234); System.out.println("Echo server is now listening"); } }
assertEquals(options, options.setSsl(true)); assertTrue(options.isSsl());
@Override public HttpServerOptions setSsl(boolean ssl) { super.setSsl(ssl); return this; }
@Test public void testTLSHostnameCertCheckIncorrect() { server.close(); server = vertx.createNetServer(new NetServerOptions().setSsl(true).setPort(4043) .setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get())); server.connectHandler(netSocket -> netSocket.close()).listen(ar -> { NetClientOptions options = new NetClientOptions() .setHostnameVerificationAlgorithm("HTTPS") .setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()); NetClient client = vertx.createNetClient(options); client.connect(4043, "127.0.0.1", arSocket -> { if (arSocket.succeeded()) { NetSocket ns = arSocket.result(); ns.closeHandler(v -> { testComplete(); }); ns.upgradeToSsl(v -> { fail("this test should fail"); }); } else { fail(ar.cause()); } }); }); await(); }
@Test public void testNetServerInternalTLS() throws Exception { server.close(); server = vertx.createNetServer(new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(Cert.SERVER_JKS.get())); testNetServerInternal_(new HttpClientOptions() .setSsl(true) .setTrustStoreOptions(Trust.SERVER_JKS.get()) , true); }
@Test public void testTLSHostnameCertCheckCorrect() { server.close(); server = vertx.createNetServer(new NetServerOptions().setSsl(true).setPort(4043) .setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get())); server.connectHandler(netSocket -> netSocket.close()).listen(ar -> { NetClientOptions options = new NetClientOptions() .setHostnameVerificationAlgorithm("HTTPS") .setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()); NetClient client = vertx.createNetClient(options); client.connect(4043, "localhost", arSocket -> { if (arSocket.succeeded()) { NetSocket ns = arSocket.result(); ns.exceptionHandler(th -> { fail(th); }); ns.upgradeToSsl(v -> { testComplete(); }); } else { fail(ar.cause()); } }); }); await(); }
NetServerOptions options = new NetServerOptions(); if (!startTLS) { options.setSsl(true);
@Test public void testHostVerificationHttpsNotMatching() { server.close(); NetServerOptions options = new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(new JksOptions().setPath("tls/mim-server-keystore.jks").setPassword("wibble")); NetServer server = vertx.createNetServer(options); NetClientOptions clientOptions = new NetClientOptions() .setSsl(true) .setTrustAll(true) .setHostnameVerificationAlgorithm("HTTPS"); NetClient client = vertx.createNetClient(clientOptions); server.connectHandler(sock -> { }); server.listen(ar -> { assertTrue(ar.succeeded()); client.connect(1234, "localhost", ar2 -> { //Should not be able to connect assertTrue(ar2.failed()); testComplete(); }); }); await(); }
@Test public void testHostVerificationHttpsMatching() { server.close(); NetServerOptions options = new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(new JksOptions().setPath("tls/server-keystore.jks").setPassword("wibble")); NetServer server = vertx.createNetServer(options); NetClientOptions clientOptions = new NetClientOptions() .setSsl(true) .setTrustAll(true) .setHostnameVerificationAlgorithm("HTTPS"); NetClient client = vertx.createNetClient(clientOptions); server.connectHandler(sock -> { }); server.listen(ar -> { assertTrue(ar.succeeded()); client.connect(1234, "localhost", ar2 -> { //Should be able to connect assertTrue(ar2.succeeded()); testComplete(); }); }); await(); }
@Test public void testCloseCompletionHandlerNotCalledWhenActualServerFailed() { server.close(); server = vertx.createNetServer( new NetServerOptions() .setSsl(true) .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("invalid"))) .connectHandler(c -> { }); try { server.listen(10000, r -> fail()); } catch (Exception ignore) { // Expected } server.close(onSuccess(v -> { testComplete(); })); await(); }
.setPort(1234) .setHost("localhost") .setSsl(true) .setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get()); NetServer server = vertx.createNetServer(options);
.setPort(1234) .setHost("localhost") .setSsl(true) .setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get()); NetServer server = vertx.createNetServer(options);
.setSsl(true) .setKeyCertOptions(certificate.keyCertOptions()) .setTrustOptions(certificate.trustOptions());
@Test public void testTLSHostnameCertCheckCorrect() { server.close(); server = vertx.createNetServer(new NetServerOptions().setSsl(true).setPort(4043) .setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get())); server.connectHandler(netSocket -> netSocket.close()).listen(ar -> { NetClientOptions options = new NetClientOptions() .setHostnameVerificationAlgorithm("HTTPS") .setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()); NetClient client = vertx.createNetClient(options); client.connect(4043, "localhost", arSocket -> { if (arSocket.succeeded()) { NetSocket ns = arSocket.result(); ns.exceptionHandler(th -> { fail(th); }); ns.upgradeToSsl(v -> { testComplete(); }); } else { fail(ar.cause()); } }); }); await(); }
@Test public void testNetServerInternalTLS() throws Exception { server.close(); server = vertx.createNetServer(new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(Cert.SERVER_JKS.get())); testNetServerInternal_(new HttpClientOptions() .setSsl(true) .setTrustStoreOptions(Trust.SERVER_JKS.get()) , true); }
@Test public void testHostVerificationHttpsNotMatching() { server.close(); NetServerOptions options = new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(new JksOptions().setPath("tls/mim-server-keystore.jks").setPassword("wibble")); NetServer server = vertx.createNetServer(options); NetClientOptions clientOptions = new NetClientOptions() .setSsl(true) .setTrustAll(true) .setHostnameVerificationAlgorithm("HTTPS"); NetClient client = vertx.createNetClient(clientOptions); server.connectHandler(sock -> { }); server.listen(ar -> { assertTrue(ar.succeeded()); client.connect(1234, "localhost", ar2 -> { //Should not be able to connect assertTrue(ar2.failed()); testComplete(); }); }); await(); }
@Test public void testHostVerificationHttpsMatching() { server.close(); NetServerOptions options = new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(new JksOptions().setPath("tls/server-keystore.jks").setPassword("wibble")); NetServer server = vertx.createNetServer(options); NetClientOptions clientOptions = new NetClientOptions() .setSsl(true) .setTrustAll(true) .setHostnameVerificationAlgorithm("HTTPS"); NetClient client = vertx.createNetClient(clientOptions); server.connectHandler(sock -> { }); server.listen(ar -> { assertTrue(ar.succeeded()); client.connect(1234, "localhost", ar2 -> { //Should be able to connect assertTrue(ar2.succeeded()); testComplete(); }); }); await(); }
@Test public void testCloseCompletionHandlerNotCalledWhenActualServerFailed() { server.close(); server = vertx.createNetServer( new NetServerOptions() .setSsl(true) .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("invalid"))) .connectHandler(c -> { }); try { server.listen(10000, r -> fail()); } catch (Exception ignore) { // Expected } server.close(onSuccess(v -> { testComplete(); })); await(); }