use of com.jd.blockchain.consensus.client.ClientSettings in project jdchain-core by blockchain-jd-com.
the class RaftConsensusClientFactory method buildClientSettings.
@Override
public ClientSettings buildClientSettings(ClientIncomingSettings incomingSettings, SSLSecurity sslSecurity) {
if (!(incomingSettings instanceof RaftClientIncomingSettings)) {
throw new IllegalStateException("incoming settings should be raft-client-incoming-settings type");
}
ClientSettings clientSettings = new RaftClientConfig((RaftClientIncomingSettings) incomingSettings);
if (sslSecurity == null) {
return clientSettings;
}
// TLS适配
// 仅作为网关连接共识节点时所配置的TLS信息, 作为客户端进行配置, 仅使用truststore信息
// 判断TLS是否启用规则: client为网关使用,仅作为客户端连接共识节点。 因此根据共识服务是否启用TLS来进行判断
RaftNodeSettings node = (RaftNodeSettings) incomingSettings.getViewSettings().getNodes()[0];
if (node.getNetworkAddress().isSecure()) {
GmSSLProvider.enableGMSupport(sslSecurity.getProtocol());
setSystemProperty("bolt.client.ssl.enable", "true");
setSystemProperty("bolt.client.ssl.keystore", sslSecurity.getTrustStore());
setSystemProperty("bolt.client.ssl.keystore.password", sslSecurity.getTrustStorePassword());
setSystemProperty("bolt.client.ssl.keystore.type", sslSecurity.getTrustStoreType() == null ? "JKS" : sslSecurity.getTrustStoreType());
setSystemProperty("bolt.ssl.protocol", sslSecurity.getProtocol());
setSystemProperty("bolt.server.ssl.enable", "true");
setSystemProperty("bolt.server.ssl.keystore", sslSecurity.getKeyStore());
setSystemProperty("bolt.server.ssl.keyalias", sslSecurity.getKeyAlias());
setSystemProperty("bolt.server.ssl.keystore.password", sslSecurity.getKeyStorePassword());
setSystemProperty("bolt.server.ssl.keystore.type", sslSecurity.getKeyStoreType());
if (sslSecurity.getEnabledProtocols() != null && sslSecurity.getEnabledProtocols().length > 0) {
setSystemProperty("bolt.ssl.enabled-protocols", String.join(",", sslSecurity.getEnabledProtocols()));
}
if (sslSecurity.getCiphers() != null && sslSecurity.getCiphers().length > 0) {
setSystemProperty("bolt.ssl.ciphers", String.join(",", sslSecurity.getCiphers()));
}
}
return buildClientSettings(incomingSettings);
}
Aggregations