/** * Sets SSL version and cipher suites for SSLEngine. * * @param engine SSLEngine to be handled * @param config The application configuration * @deprecated Use {@link #createClientSSLEngineFactory(Configuration)} or * {@link #createServerSSLEngineFactory(Configuration)}. */ @Deprecated public static void setSSLVerAndCipherSuites(SSLEngine engine, Configuration config) { engine.setEnabledProtocols(getEnabledProtocols(config)); engine.setEnabledCipherSuites(getEnabledCipherSuites(config)); }
/** * Creates a factory for SSL Server Sockets from the given configuration. * SSL Server Sockets are always part of internal communication. */ public static ServerSocketFactory createSSLServerSocketFactory(Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled"); } String[] protocols = getEnabledProtocols(config); String[] cipherSuites = getEnabledCipherSuites(config); SSLServerSocketFactory factory = sslContext.getServerSocketFactory(); return new ConfiguringSSLServerSocketFactory(factory, protocols, cipherSuites); }
/** * Creates a factory for SSL Server Sockets from the given configuration. * SSL Server Sockets are always part of internal communication. */ public static ServerSocketFactory createSSLServerSocketFactory(Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled"); } String[] protocols = getEnabledProtocols(config); String[] cipherSuites = getEnabledCipherSuites(config); SSLServerSocketFactory factory = sslContext.getServerSocketFactory(); return new ConfiguringSSLServerSocketFactory(factory, protocols, cipherSuites); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Servers. * * @param config The application configuration. */ public static SSLHandlerFactory createRestServerSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestServerSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), false, isRestSSLAuthenticationEnabled(config), -1, -1); }
private static SSLEngineFactory createSSLEngineFactory( final Configuration config, final boolean clientMode) throws Exception { final SSLContext sslContext = clientMode ? createSSLClientContext(config) : createSSLServerContext(config); checkState(sslContext != null, "%s it not enabled", SecurityOptions.SSL_ENABLED.key()); return new SSLEngineFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), clientMode); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Clients. * * @param config The application configuration. */ public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestClientSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), true, isRestSSLAuthenticationEnabled(config), -1, -1); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Clients. * * @param config The application configuration. */ public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestClientSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), true, isRestSSLAuthenticationEnabled(config), -1, -1); }
/** * Creates a {@link SSLHandlerFactory} to be used by the REST Servers. * * @param config The application configuration. */ public static SSLHandlerFactory createRestServerSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createRestServerSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for REST endpoints."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), false, isRestSSLAuthenticationEnabled(config), -1, -1); }
/** * Creates a SSLEngineFactory to be used by internal communication client endpoints. */ public static SSLHandlerFactory createInternalClientSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for internal communication."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), true, true, config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT), config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT)); }
/** * Creates a SSLEngineFactory to be used by internal communication server endpoints. */ public static SSLHandlerFactory createInternalServerSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for internal communication."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), false, true, config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT), config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT)); }
/** * Creates a SSLEngineFactory to be used by internal communication server endpoints. */ public static SSLHandlerFactory createInternalServerSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for internal communication."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), false, true, config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT), config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT)); }
/** * Creates a SSLEngineFactory to be used by internal communication client endpoints. */ public static SSLHandlerFactory createInternalClientSSLEngineFactory(final Configuration config) throws Exception { SSLContext sslContext = createInternalSSLContext(config); if (sslContext == null) { throw new IllegalConfigurationException("SSL is not enabled for internal communication."); } return new SSLHandlerFactory( sslContext, getEnabledProtocols(config), getEnabledCipherSuites(config), true, true, config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT), config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT)); }