Example 1 with SNIContextMatcher
use of io.undertow.protocols.ssl.SNIContextMatcher in project undertow by undertow-io.
the class DefaultServer method createSSLContext.
private static SSLContext createSSLContext(final KeyStore keyStore, final KeyStore trustStore, String protocol, boolean client) throws IOException {
final KeyManager[] keyManagers;
try {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, STORE_PASSWORD);
keyManagers = keyManagerFactory.getKeyManagers();
} catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException e) {
throw new IOException("Unable to initialise KeyManager[]", e);
}
final TrustManager[] trustManagers;
try {
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
trustManagers = trustManagerFactory.getTrustManagers();
} catch (NoSuchAlgorithmException | KeyStoreException e) {
throw new IOException("Unable to initialise TrustManager[]", e);
}
final SSLContext sslContext;
try {
if (openssl && !client) {
sslContext = SSLContext.getInstance("openssl.TLS");
} else {
sslContext = SSLContext.getInstance(protocol);
}
sslContext.init(keyManagers, trustManagers, null);
} catch (NoSuchAlgorithmException | KeyManagementException e) {
throw new IOException("Unable to create and initialise the SSLContext", e);
}
if (!client) {
SNIContextMatcher matcher = new SNIContextMatcher.Builder().setDefaultContext(sslContext).addMatch("localhost", sslContext).build();
return new SNISSLContext(matcher);
} else {
return sslContext;
}
}
Also used :
SNIContextMatcher(io.undertow.protocols.ssl.SNIContextMatcher)
SNISSLContext(io.undertow.protocols.ssl.SNISSLContext)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
KeyStoreException(java.security.KeyStoreException)
IOException(java.io.IOException)
SSLContext(javax.net.ssl.SSLContext)
SNISSLContext(io.undertow.protocols.ssl.SNISSLContext)
KeyManagementException(java.security.KeyManagementException)
KeyManagerFactory(javax.net.ssl.KeyManagerFactory)
TrustManager(javax.net.ssl.TrustManager)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
KeyManager(javax.net.ssl.KeyManager)
Aggregations
SNIContextMatcher (io.undertow.protocols.ssl.SNIContextMatcher)1
SNISSLContext (io.undertow.protocols.ssl.SNISSLContext)1
IOException (java.io.IOException)1
KeyManagementException (java.security.KeyManagementException)1
KeyStoreException (java.security.KeyStoreException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
UnrecoverableKeyException (java.security.UnrecoverableKeyException)1
KeyManager (javax.net.ssl.KeyManager)1
KeyManagerFactory (javax.net.ssl.KeyManagerFactory)1
SSLContext (javax.net.ssl.SSLContext)1
TrustManager (javax.net.ssl.TrustManager)1
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)1
