sslContextFactory.setKeyManagerFactoryKeyStore(ks);
@Resource(name = "securityContext") public void setSecurityContext(SecurityContext securityContext) { vhostKeySelector = new VirtualHostKeySelector(); try { vhostKeySelector.init(securityContext.getKeyStore(), securityContext.getKeyStorePassword()); } catch (KeyStoreException e) { throw new RuntimeException(e); } try { sslContextFactory = new SslContextFactory(); sslContextFactory.setTrustManagerFactoryKeyStore(securityContext.getTrustStore()); //sslContextFactory.setTrustManagerFactoryKeyStorePassword(trustStorePassword); char[] keyStorePassword = securityContext.getKeyStorePassword(); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keyStorePassword == null ? null : new String(keyStorePassword)); sslContextFactory.setKeyManagerFactoryKeyStore(securityContext.getKeyStore()); // Create a new SslProvider to select certificates based on // various key selection criteria KeyManagerFactory kmf = KeyManagerFactory.getInstance("SslTransport", new SslProvider()); sslContextFactory.setKeyManagerFactory(kmf); // avoid caching SSLSession in shared SSLContextFactory instance // Note: SSLSessionContext.setSessionCacheSize(0) means unlimited, // so we use 1 instead sslContextFactory.setServerSessionCacheSize(1); } catch (NoSuchAlgorithmException ne) { throw new RuntimeException(ne); } }
@Resource(name = "securityContext") public void setSecurityContext(SecurityContext securityContext) { vhostKeySelector = new VirtualHostKeySelector(); try { vhostKeySelector.init(securityContext.getKeyStore(), securityContext.getKeyStorePassword()); } catch (KeyStoreException e) { throw new RuntimeException(e); } try { sslContextFactory = new SslContextFactory(); sslContextFactory.setTrustManagerFactoryKeyStore(securityContext.getTrustStore()); //sslContextFactory.setTrustManagerFactoryKeyStorePassword(trustStorePassword); char[] keyStorePassword = securityContext.getKeyStorePassword(); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keyStorePassword == null ? null : new String(keyStorePassword)); sslContextFactory.setKeyManagerFactoryKeyStore(securityContext.getKeyStore()); // Create a new SslProvider to select certificates based on // various key selection criteria KeyManagerFactory kmf = KeyManagerFactory.getInstance("SslTransport", new SslProvider()); sslContextFactory.setKeyManagerFactory(kmf); // avoid caching SSLSession in shared SSLContextFactory instance // Note: SSLSessionContext.setSessionCacheSize(0) means unlimited, // so we use 1 instead sslContextFactory.setClientSessionCacheSize(1); } catch (NoSuchAlgorithmException ne) { throw new RuntimeException(ne); } }
sslContextFactory.setKeyManagerFactoryKeyStore(ks);
trustStoreFactory.setPassword ( trustStorePassword ); factory.setKeyManagerFactoryKeyStore ( keyStoreFactory.newInstance () ); factory.setTrustManagerFactoryKeyStore ( trustStoreFactory.newInstance () );
trustStoreFactory.setPassword ( trustStorePassword ); factory.setKeyManagerFactoryKeyStore ( keyStoreFactory.newInstance () ); factory.setTrustManagerFactoryKeyStore ( trustStoreFactory.newInstance () );