/** * Creates a new server-side {@link SslContext}. * * @param certChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @return a new server-side {@link SslContext} */ public static SslContext newServerContext(File certChainFile, File keyFile) throws SSLException { return newServerContext(null, null, certChainFile, keyFile, null, null, null, 0, 0); }
/** * Creates a new server-side {@link SslContext}. * * @param provider the {@link SslContext} implementation to use. * {@code null} to use the current default one. * @param certChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @return a new server-side {@link SslContext} */ public static SslContext newServerContext( SslProvider provider, File certChainFile, File keyFile) throws SSLException { return newServerContext(provider, null, certChainFile, keyFile, null, null, null, 0, 0); }
/** * Creates a new server-side {@link SslContext}. * * @param certChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @param keyPassword the password of the {@code keyFile}. * {@code null} if it's not password-protected. * @return a new server-side {@link SslContext} */ public static SslContext newServerContext( File certChainFile, File keyFile, String keyPassword) throws SSLException { return newServerContext(null, null, certChainFile, keyFile, keyPassword, null, null, 0, 0); }
/** * Creates a new server-side {@link SslContext}. * * @param provider the {@link SslContext} implementation to use. * {@code null} to use the current default one. * @param certChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @param keyPassword the password of the {@code keyFile}. * {@code null} if it's not password-protected. * @return a new server-side {@link SslContext} */ public static SslContext newServerContext( SslProvider provider, File certChainFile, File keyFile, String keyPassword) throws SSLException { return newServerContext(provider, null, certChainFile, keyFile, keyPassword, null, null, 0, 0); }
/** * Creates a new server-side {@link SslContext}. * * @param bufPool the buffer pool which will be used by the returned {@link SslContext}. * {@code null} to use the default buffer pool. * @param certChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @param keyPassword the password of the {@code keyFile}. * {@code null} if it's not password-protected. * @param ciphers the cipher suites to enable, in the order of preference. * {@code null} to use the default cipher suites. * @param nextProtocols the application layer protocols to accept, in the order of preference. * {@code null} to disable TLS NPN/ALPN extension. * @param sessionCacheSize the size of the cache used for storing SSL session objects. * {@code 0} to use the default value. * @param sessionTimeout the timeout for the cached SSL session objects, in seconds. * {@code 0} to use the default value. * @return a new server-side {@link SslContext} */ public static SslContext newServerContext( SslBufferPool bufPool, File certChainFile, File keyFile, String keyPassword, Iterable<String> ciphers, Iterable<String> nextProtocols, long sessionCacheSize, long sessionTimeout) throws SSLException { return newServerContext( null, bufPool, certChainFile, keyFile, keyPassword, ciphers, nextProtocols, sessionCacheSize, sessionTimeout); }
protected SslHandlerFactory createSslHandlerFactory() { try { SslContext sslContext = SslContext.newServerContext( SslProvider.JDK, null, certFile, keyFile, keyPassword, ciphers, null, 0, 0); return new SslHandlerFactory() { @Override public SslHandler newHandler() { SessionAwareSslHandler handler = new SessionAwareSslHandler( sslContext.newEngine(), sslContext.bufferPool(), JavaSslServerConfiguration.this); handler.setCloseOnSSLException(true); return handler; } }; } catch (SSLException e) { throw Throwables.propagate(e); } }
private SslHandler buildSslHandler() throws CertificateException, SSLException { final SslContext sslCtx = SslContext.newServerContext( tlsCertFile, tlsKeyFile, emptyToNull(configuration.getRestTlsKeyPassword())); return sslCtx.newHandler(); } });