/**
 * Returns the shared SSL client for this host's localhost address, creating it on first call.
 *
 * <p>The instance is cached in the static {@code localhost} field; the method is
 * {@code synchronized}, so concurrent first calls build it only once. If construction fails the
 * field stays unset and the next call tries again.
 *
 * <p>The client is backed by a freshly generated self-signed certificate (serial number
 * {@code "1"}) whose common name is the canonical host name that {@code "localhost"} resolves to.
 * That same certificate is both served and added as a trusted certificate.
 *
 * <p>NOTE(review): a self-signed certificate with a fixed serial number looks intended for tests
 * and local development only; confirm this is not reachable from production code paths.
 *
 * @return the cached localhost client
 * @throws RuntimeException wrapping the {@link GeneralSecurityException} or
 *     {@link UnknownHostException} raised while generating the certificate
 */
public static synchronized SslClient localhost() {
  if (localhost == null) {
    try {
      // Self-signed: the server presents this certificate and the client trusts exactly it.
      HeldCertificate selfSigned = new HeldCertificate.Builder()
          .serialNumber("1")
          .commonName(InetAddress.getByName("localhost").getCanonicalHostName())
          .build();

      // The key pair is handed to the builder together with the certificate.
      // NOTE(review): the cached client presumably keeps the private key for the life of the
      // process; verify against Builder.build().
      localhost = new Builder()
          .certificateChain(selfSigned.keyPair, selfSigned.certificate)
          .addTrustedCertificate(selfSigned.certificate)
          .build();
    } catch (GeneralSecurityException | UnknownHostException e) {
      throw new RuntimeException(e);
    }
  }
  return localhost;
}
/**
 * Configures the certificate chain to use when serving HTTPS responses. The first certificate is
 * the server's own certificate; further certificates are included in the handshake so the client
 * can build a trusted path to a CA certificate.
 *
 * <p>Only {@code localCert} contributes a key pair. For each entry of {@code chain} just the
 * {@code certificate} is forwarded; the key pairs of those entries are not passed on.
 *
 * @param localCert held certificate whose key pair and certificate identify the server
 * @param chain further held certificates, forwarded in the order given
 * @return the builder returned by the delegated {@code certificateChain} overload
 */
public Builder certificateChain(HeldCertificate localCert, HeldCertificate... chain) {
  X509Certificate[] intermediates = new X509Certificate[chain.length];
  int next = 0;
  for (HeldCertificate held : chain) {
    // Strip each entry down to its public certificate before handing it on.
    intermediates[next++] = held.certificate;
  }
  return certificateChain(localCert.keyPair, localCert.certificate, intermediates);
}