/** * Create a channel connector for "http/https" requests */ Connector createChannelConnector(int queueSize, Builder b) { ServerConnector connector; final HttpConfiguration conf = new HttpConfiguration(); conf.setRequestHeaderSize(1024*64); final HttpConnectionFactory http = new HttpConnectionFactory(conf); if (!b.useSSL) { connector = new ServerConnector(webServer, http); } else { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(b.keyStorePath); Set<String> excludedSSLProtocols = Sets.newHashSet( Splitter.on(",").trimResults().omitEmptyStrings().split( Strings.nullToEmpty(b.conf.getVar(ConfVars.HIVE_SSL_PROTOCOL_BLACKLIST)))); sslContextFactory.addExcludeProtocols(excludedSSLProtocols.toArray( new String[excludedSSLProtocols.size()])); sslContextFactory.setKeyStorePassword(b.keyStorePassword); connector = new ServerConnector(webServer, sslContextFactory, http); } connector.setAcceptQueueSize(queueSize); connector.setReuseAddress(true); connector.setHost(b.host); connector.setPort(b.port); return connector; }
private void createSecureConnector(final Map<String, String> sslProperties) { SslContextFactory ssl = new SslContextFactory(); if (sslProperties.get(StandardSSLContextService.KEYSTORE.getName()) != null) { ssl.setKeyStorePath(sslProperties.get(StandardSSLContextService.KEYSTORE.getName())); ssl.setKeyStorePassword(sslProperties.get(StandardSSLContextService.KEYSTORE_PASSWORD.getName())); ssl.setKeyStoreType(sslProperties.get(StandardSSLContextService.KEYSTORE_TYPE.getName())); } if (sslProperties.get(StandardSSLContextService.TRUSTSTORE.getName()) != null) { ssl.setTrustStorePath(sslProperties.get(StandardSSLContextService.TRUSTSTORE.getName())); ssl.setTrustStorePassword(sslProperties.get(StandardSSLContextService.TRUSTSTORE_PASSWORD.getName())); ssl.setTrustStoreType(sslProperties.get(StandardSSLContextService.TRUSTSTORE_TYPE.getName())); } final String clientAuth = sslProperties.get(NEED_CLIENT_AUTH); if (clientAuth == null) { ssl.setNeedClientAuth(true); } else { ssl.setNeedClientAuth(Boolean.parseBoolean(clientAuth)); } // build the connector final ServerConnector https = new ServerConnector(jetty, ssl); // set host and port https.setPort(0); // Severely taxed environments may have significant delays when executing. https.setIdleTimeout(30000L); // add the connector jetty.addConnector(https); // mark secure as enabled secure = true; }
File keystoreFile = new File(globalProps.getProperty("keystoreFile")); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath()); sslContextFactory.setKeyStorePassword(globalProps.getProperty("keystorePwd")); sslContextFactory.setKeyManagerPassword(globalProps.getProperty("keystoreManagerPwd"));
private SslContextFactory createSslContextFactory() { SslContextFactory factory = new SslContextFactory(); if (keyStorePath != null) { factory.setKeyStorePath(keyStorePath);
@Override public Server createServer(Responder testResponder) throws Exception { System.setProperty("javax.net.ssl.keyStore", "src/test/keystore"); System.setProperty("javax.net.ssl.keyStorePassword", "avrotest"); System.setProperty("javax.net.ssl.password", "avrotest"); System.setProperty("javax.net.ssl.trustStore", "src/test/truststore"); System.setProperty("javax.net.ssl.trustStorePassword", "avrotest"); SslConnectionFactory connectionFactory = new SslConnectionFactory("HTTP/1.1"); SslContextFactory sslContextFactory = connectionFactory.getSslContextFactory(); sslContextFactory.setKeyStorePath(System.getProperty("javax.net.ssl.keyStore")); sslContextFactory.setKeyManagerPassword(System.getProperty("javax.net.ssl.password")); sslContextFactory.setKeyStorePassword(System.getProperty("javax.net.ssl.keyStorePassword")); sslContextFactory.setNeedClientAuth(false); return new HttpServer(testResponder, connectionFactory, "localhost", 18443); }
sslCtxFactory.setKeyStorePath(keyStore); sslCtxFactory.setKeyStoreType(keyStoreType); sslCtxFactory.setKeyStorePassword(keyStorePassword);
factory.setExcludeProtocols("SSLv3"); factory.setRenegotiationAllowed(false); factory.setKeyStorePath(ksPath); factory.setKeyStoreType(ksType); factory.setKeyStorePassword(ksPassword);
String keyPassword = HBaseConfiguration.getPassword(conf, THRIFT_SSL_KEYSTORE_KEYPASSWORD_KEY, password); sslCtxFactory.setKeyStorePath(keystore); sslCtxFactory.setKeyStorePassword(password); sslCtxFactory.setKeyManagerPassword(keyPassword);
sslContextFactory.setExcludeCipherSuites(); sslContextFactory.setKeyStorePath(keystore.getPath()); sslContextFactory.setKeyStorePassword(password); sslContextFactory.setKeyManagerPassword(password);
httpConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(m_keyStorePath); sslContextFactory.setKeyStorePassword(m_keyStorePassword);
protected SslContextFactory configureSslContextFactory(SslContextFactory factory) { if (keyStorePath != null) { factory.setKeyStorePath(keyStorePath);
LOG.info("HTTP Server SSL: SslContextFactory.getExcludeProtocols = " + Arrays.toString(sslContextFactory.getExcludeProtocols())); sslContextFactory.setKeyStorePath(keyStorePath); sslContextFactory.setKeyStorePassword(keyStorePassword); connector = new ServerConnector(server, sslContextFactory, http);
sslContextFactory.setKeyStorePath(sslConfig.getKeystore());
private ServerConnector createHttpsChannelConnector( Server server, HttpConfiguration httpConfig) { httpConfig.setSecureScheme(HTTPS_SCHEME); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector conn = createHttpChannelConnector(server, httpConfig); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setNeedClientAuth(needsClientAuth); sslContextFactory.setKeyManagerPassword(keyPassword); if (keyStore != null) { sslContextFactory.setKeyStorePath(keyStore); sslContextFactory.setKeyStoreType(keyStoreType); sslContextFactory.setKeyStorePassword(keyStorePassword); } if (trustStore != null) { sslContextFactory.setTrustStorePath(trustStore); sslContextFactory.setTrustStoreType(trustStoreType); sslContextFactory.setTrustStorePassword(trustStorePassword); } if(null != excludeCiphers && !excludeCiphers.isEmpty()) { sslContextFactory.setExcludeCipherSuites( StringUtils.getTrimmedStrings(excludeCiphers)); LOG.info("Excluded Cipher List:" + excludeCiphers); } conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString())); return conn; } }
protected SslContextFactory createSslFactory(final SSLContextService sslService, final boolean needClientAuth, final boolean wantClientAuth) { final SslContextFactory sslFactory = new SslContextFactory(); sslFactory.setNeedClientAuth(needClientAuth); sslFactory.setWantClientAuth(wantClientAuth); if (sslService.isKeyStoreConfigured()) { sslFactory.setKeyStorePath(sslService.getKeyStoreFile()); sslFactory.setKeyStorePassword(sslService.getKeyStorePassword()); sslFactory.setKeyStoreType(sslService.getKeyStoreType()); } if (sslService.isTrustStoreConfigured()) { sslFactory.setTrustStorePath(sslService.getTrustStoreFile()); sslFactory.setTrustStorePassword(sslService.getTrustStorePassword()); sslFactory.setTrustStoreType(sslService.getTrustStoreType()); } return sslFactory; }
contextFactory.setKeyStorePath(props.getProperty(NiFiProperties.SECURITY_KEYSTORE));
private SslContextFactory createSslFactory(final SSLContextService sslService, final boolean needClientAuth, final boolean wantClientAuth) { final SslContextFactory sslFactory = new SslContextFactory(); sslFactory.setNeedClientAuth(needClientAuth); sslFactory.setWantClientAuth(wantClientAuth); sslFactory.setProtocol(sslService.getSslAlgorithm()); if (sslService.isKeyStoreConfigured()) { sslFactory.setKeyStorePath(sslService.getKeyStoreFile()); sslFactory.setKeyStorePassword(sslService.getKeyStorePassword()); sslFactory.setKeyStoreType(sslService.getKeyStoreType()); } if (sslService.isTrustStoreConfigured()) { sslFactory.setTrustStorePath(sslService.getTrustStoreFile()); sslFactory.setTrustStorePassword(sslService.getTrustStorePassword()); sslFactory.setTrustStoreType(sslService.getTrustStoreType()); } return sslFactory; }
sslContextFactory.setKeyStorePath(keyStorePath); sslContextFactory.setKeyStorePassword("abc123"); sslContextFactory.setKeyManagerPassword("abc123");
sslContextFactory.setKeyStorePath(tlsServerConfig.getKeyStorePath()); sslContextFactory.setKeyStoreType(tlsServerConfig.getKeyStoreType()); sslContextFactory.setKeyStorePassword(tlsServerConfig.getKeyStorePasswordProvider().getPassword());
contextFactory.setKeyStorePath(sslSettings.valueOfIndex("keyStorePath").toString());