Examples with SslContextBuilder - io.netty.handler.ssl.SslContextBuilder

Example 6 with SslContextBuilder

use of io.netty.handler.ssl.SslContextBuilder in project grpc-java by grpc.

the class TlsTest method serverBuilder.

private ServerBuilder<?> serverBuilder(int port, File serverCertChainFile, File serverPrivateKeyFile, X509Certificate[] serverTrustedCaCerts) throws IOException {
    SslContextBuilder sslContextBuilder = SslContextBuilder.forServer(serverCertChainFile, serverPrivateKeyFile);
    GrpcSslContexts.configure(sslContextBuilder, sslProvider);
    sslContextBuilder.trustManager(serverTrustedCaCerts).clientAuth(ClientAuth.REQUIRE);
    return NettyServerBuilder.forPort(port).sslContext(sslContextBuilder.build());
}

Also used : SslContextBuilder(io.netty.handler.ssl.SslContextBuilder)

Example 7 with SslContextBuilder

use of io.netty.handler.ssl.SslContextBuilder in project pulsar by yahoo.

the class PulsarChannelInitializer method initChannel.

@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        if (serviceConfig.isTlsAllowInsecureConnection()) {
            builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            if (serviceConfig.getTlsTrustCertsFilePath().isEmpty()) {
                // Use system default
                builder.trustManager((File) null);
            } else {
                File trustCertCollection = new File(serviceConfig.getTlsTrustCertsFilePath());
                builder.trustManager(trustCertCollection);
            }
        }
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new PulsarLengthFieldFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerCnx(brokerService));
}

Also used : SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) PulsarLengthFieldFrameDecoder(com.yahoo.pulsar.common.api.PulsarLengthFieldFrameDecoder) File(java.io.File) SslContext(io.netty.handler.ssl.SslContext)

Example 8 with SslContextBuilder

use of io.netty.handler.ssl.SslContextBuilder in project pulsar by yahoo.

the class ServiceChannelInitializer method initChannel.

@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        // allows insecure connection
        builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new PulsarLengthFieldFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerConnection(discoveryService));
}

Example 9 with SslContextBuilder

use of io.netty.handler.ssl.SslContextBuilder in project aerospike-client-java by aerospike.

the class NettyEventLoops method initTlsContext.

/**
	 * Initialize TLS context. For internal use only.
	 */
public void initTlsContext(TlsPolicy policy) {
    if (this.tlsPolicy != null) {
        // Already initialized.
        return;
    }
    this.tlsPolicy = policy;
    try {
        SslContextBuilder builder = SslContextBuilder.forClient();
        if (policy.protocols != null) {
            builder.protocols(policy.protocols);
        }
        if (policy.ciphers != null) {
            builder.ciphers(Arrays.asList(policy.ciphers));
        }
        sslContext = builder.build();
    } catch (Exception e) {
        throw new AerospikeException("Failed to init netty TLS: " + Util.getErrorMessage(e));
    }
}

Also used : AerospikeException(com.aerospike.client.AerospikeException) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) AerospikeException(com.aerospike.client.AerospikeException)

Aggregations

SslContextBuilder (io.netty.handler.ssl.SslContextBuilder)9 SslContext (io.netty.handler.ssl.SslContext)5 File (java.io.File)4 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)3 PulsarLengthFieldFrameDecoder (com.yahoo.pulsar.common.api.PulsarLengthFieldFrameDecoder)2 IOException (java.io.IOException)2 AerospikeException (com.aerospike.client.AerospikeException)1 NettyChannelBuilder (io.grpc.netty.NettyChannelBuilder)1 NettyServerBuilder (io.grpc.netty.NettyServerBuilder)1 Bootstrap (io.netty.bootstrap.Bootstrap)1 ChannelFuture (io.netty.channel.ChannelFuture)1 EventLoopGroup (io.netty.channel.EventLoopGroup)1 ServerChannel (io.netty.channel.ServerChannel)1 EpollEventLoopGroup (io.netty.channel.epoll.EpollEventLoopGroup)1 SocketChannel (io.netty.channel.socket.SocketChannel)1 NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)1 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)1 SslProvider (io.netty.handler.ssl.SslProvider)1 DefaultThreadFactory (io.netty.util.concurrent.DefaultThreadFactory)1 InetSocketAddress (java.net.InetSocketAddress)1