private void createSecureConnector(final Map<String, String> sslProperties) { SslContextFactory ssl = new SslContextFactory(); if (sslProperties.get(StandardSSLContextService.KEYSTORE.getName()) != null) { ssl.setKeyStorePath(sslProperties.get(StandardSSLContextService.KEYSTORE.getName())); ssl.setKeyStorePassword(sslProperties.get(StandardSSLContextService.KEYSTORE_PASSWORD.getName())); ssl.setKeyStoreType(sslProperties.get(StandardSSLContextService.KEYSTORE_TYPE.getName())); } if (sslProperties.get(StandardSSLContextService.TRUSTSTORE.getName()) != null) { ssl.setTrustStorePath(sslProperties.get(StandardSSLContextService.TRUSTSTORE.getName())); ssl.setTrustStorePassword(sslProperties.get(StandardSSLContextService.TRUSTSTORE_PASSWORD.getName())); ssl.setTrustStoreType(sslProperties.get(StandardSSLContextService.TRUSTSTORE_TYPE.getName())); } final String clientAuth = sslProperties.get(NEED_CLIENT_AUTH); if (clientAuth == null) { ssl.setNeedClientAuth(true); } else { ssl.setNeedClientAuth(Boolean.parseBoolean(clientAuth)); } // build the connector final ServerConnector https = new ServerConnector(jetty, ssl); // set host and port https.setPort(0); // Severely taxed environments may have significant delays when executing. https.setIdleTimeout(30000L); // add the connector jetty.addConnector(https); // mark secure as enabled secure = true; }
public static ServerConnector addHttpsConnector(Server server) throws IOException, URISyntaxException { String keyStoreFile = resourceAsFile("ssltest-keystore.jks").getAbsolutePath(); SslContextFactory sslContextFactory = new SslContextFactory(keyStoreFile); sslContextFactory.setKeyStorePassword("changeit"); String trustStoreFile = resourceAsFile("ssltest-cacerts.jks").getAbsolutePath(); sslContextFactory.setTrustStorePath(trustStoreFile); sslContextFactory.setTrustStorePassword("changeit"); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.setSecureScheme("https"); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); server.addConnector(connector); return connector; }
factory.setTrustStorePath(trustStorePath);
sslCtxFactory.setTrustStorePath(trustStore); sslCtxFactory.setTrustStoreType(trustStoreType); sslCtxFactory.setTrustStorePassword(trustStorePassword);
factory.setTrustStorePath(tsPath); factory.setTrustStoreType(tsType); factory.setTrustStorePassword(tsPassword);
sslContextFactory.setKeyStorePassword(password); sslContextFactory.setKeyManagerPassword(password); sslContextFactory.setTrustStorePath(truststore.getPath()); sslContextFactory.setTrustStorePassword(password); sslContextFactory.setWantClientAuth(true);
factory.setTrustStorePath(trustStorePath);
sslContextFactory.setTrustStorePath(sslConfig.getTruststore());
private ServerConnector createHttpsChannelConnector( Server server, HttpConfiguration httpConfig) { httpConfig.setSecureScheme(HTTPS_SCHEME); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector conn = createHttpChannelConnector(server, httpConfig); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setNeedClientAuth(needsClientAuth); sslContextFactory.setKeyManagerPassword(keyPassword); if (keyStore != null) { sslContextFactory.setKeyStorePath(keyStore); sslContextFactory.setKeyStoreType(keyStoreType); sslContextFactory.setKeyStorePassword(keyStorePassword); } if (trustStore != null) { sslContextFactory.setTrustStorePath(trustStore); sslContextFactory.setTrustStoreType(trustStoreType); sslContextFactory.setTrustStorePassword(trustStorePassword); } if(null != excludeCiphers && !excludeCiphers.isEmpty()) { sslContextFactory.setExcludeCipherSuites( StringUtils.getTrimmedStrings(excludeCiphers)); LOG.info("Excluded Cipher List:" + excludeCiphers); } conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString())); return conn; } }
protected SslContextFactory createSslFactory(final SSLContextService sslService, final boolean needClientAuth, final boolean wantClientAuth) { final SslContextFactory sslFactory = new SslContextFactory(); sslFactory.setNeedClientAuth(needClientAuth); sslFactory.setWantClientAuth(wantClientAuth); if (sslService.isKeyStoreConfigured()) { sslFactory.setKeyStorePath(sslService.getKeyStoreFile()); sslFactory.setKeyStorePassword(sslService.getKeyStorePassword()); sslFactory.setKeyStoreType(sslService.getKeyStoreType()); } if (sslService.isTrustStoreConfigured()) { sslFactory.setTrustStorePath(sslService.getTrustStoreFile()); sslFactory.setTrustStorePassword(sslService.getTrustStorePassword()); sslFactory.setTrustStoreType(sslService.getTrustStoreType()); } return sslFactory; }
contextFactory.setTrustStorePath(props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE));
sslContextFactory.setTrustStorePath(sslStores.trustStoreFile());
contextFactory.setTrustStorePath(sslContextService.getTrustStoreFile()); contextFactory.setTrustStoreType(sslContextService.getTrustStoreType()); contextFactory.setTrustStorePassword(sslContextService.getTrustStorePassword());
private SslContextFactory createSslFactory(final SSLContextService sslService, final boolean needClientAuth, final boolean wantClientAuth) { final SslContextFactory sslFactory = new SslContextFactory(); sslFactory.setNeedClientAuth(needClientAuth); sslFactory.setWantClientAuth(wantClientAuth); sslFactory.setProtocol(sslService.getSslAlgorithm()); if (sslService.isKeyStoreConfigured()) { sslFactory.setKeyStorePath(sslService.getKeyStoreFile()); sslFactory.setKeyStorePassword(sslService.getKeyStorePassword()); sslFactory.setKeyStoreType(sslService.getKeyStoreType()); } if (sslService.isTrustStoreConfigured()) { sslFactory.setTrustStorePath(sslService.getTrustStoreFile()); sslFactory.setTrustStorePassword(sslService.getTrustStorePassword()); sslFactory.setTrustStoreType(sslService.getTrustStoreType()); } return sslFactory; }
sslContextFactory.setTrustStorePath(tlsServerConfig.getTrustStorePath()); sslContextFactory.setTrustStoreType( tlsServerConfig.getTrustStoreType() == null
contextFactory.setTrustStorePath(sslSettings.valueOfIndex("trustStorePath").toString());
sslContextFactory.setKeyStorePassword(conf.get(Property.MONITOR_SSL_KEYSTOREPASS)); sslContextFactory.setKeyStoreType(conf.get(Property.MONITOR_SSL_KEYSTORETYPE)); sslContextFactory.setTrustStorePath(conf.get(Property.MONITOR_SSL_TRUSTSTORE)); sslContextFactory.setTrustStorePassword(conf.get(Property.MONITOR_SSL_TRUSTSTOREPASS)); sslContextFactory.setTrustStoreType(conf.get(Property.MONITOR_SSL_TRUSTSTORETYPE));
protected ServerConnector createServerConnector(Server server) { String keyStoreFile = getSettings().getKeystoreFile(); if (keyStoreFile == null) { return new ServerConnector(server); } SslContextFactory sslContextFactory = new SslContextFactory(asJettyFriendlyPath(keyStoreFile, "Keystore file")); if (getSettings().getKeystorePassword() != null) { sslContextFactory.setKeyStorePassword(getSettings().getKeystorePassword()); } String truststoreFile = getSettings().getTruststoreFile(); if (truststoreFile != null) { sslContextFactory.setTrustStorePath(asJettyFriendlyPath(truststoreFile, "Truststore file")); } if (getSettings().getTruststorePassword() != null) { sslContextFactory.setTrustStorePassword(getSettings().getTruststorePassword()); } return new ServerConnector(server, sslContextFactory); }
protected SslContextFactory buildSSLContextFactory() { SslContextFactory sslFactory = null; if (usingTLS) { sslFactory = new SslContextFactory(); sslFactory.setKeyStorePath(this.keystore.getAbsolutePath()); sslFactory.setKeyStorePassword(keystorePassword); sslFactory.setTrustStorePath(truststore.getAbsolutePath()); sslFactory.setTrustStorePassword(truststorePassword); } return sslFactory; }
/** * Configures TrustStore related settings in SslContextFactory */ protected static void configureSslContextFactoryTrustStore(SslContextFactory ssl, Map<String, Object> sslConfigValues) { ssl.setTrustStoreType((String) getOrDefault(sslConfigValues, SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG, SslConfigs.DEFAULT_SSL_TRUSTSTORE_TYPE)); String sslTruststoreLocation = (String) sslConfigValues.get(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG); if (sslTruststoreLocation != null) ssl.setTrustStorePath(sslTruststoreLocation); Password sslTruststorePassword = (Password) sslConfigValues.get(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG); if (sslTruststorePassword != null) ssl.setTrustStorePassword(sslTruststorePassword.value()); }