Example 1 with SNISSLContext

Use of io.undertow.protocols.ssl.SNISSLContext in project undertow by undertow-io.

Class DefaultServer, method createSSLContext.

// STORE_PASSWORD and openssl are fields of DefaultServer declared outside this method.
private static SSLContext createSSLContext(final KeyStore keyStore, final KeyStore trustStore, String protocol, boolean client) throws IOException {
    // Key managers supply this endpoint's own certificate and private key.
    final KeyManager[] keyManagers;
    try {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, STORE_PASSWORD);
        keyManagers = keyManagerFactory.getKeyManagers();
    } catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException e) {
        throw new IOException("Unable to initialise KeyManager[]", e);
    }
    // Trust managers decide which peer certificates are accepted.
    final TrustManager[] trustManagers;
    try {
        // Use the TrustManagerFactory default algorithm, not the KeyManagerFactory one.
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(trustStore);
        trustManagers = trustManagerFactory.getTrustManagers();
    } catch (NoSuchAlgorithmException | KeyStoreException e) {
        throw new IOException("Unable to initialise TrustManager[]", e);
    }
    final SSLContext sslContext;
    try {
        // The server side uses the "openssl.TLS" context when the openssl flag is set;
        // otherwise the caller-supplied protocol name selects the context.
        if (openssl && !client) {
            sslContext = SSLContext.getInstance("openssl.TLS");
        } else {
            sslContext = SSLContext.getInstance(protocol);
        }
        // A null SecureRandom lets the provider pick its default source of randomness.
        sslContext.init(keyManagers, trustManagers, null);
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        throw new IOException("Unable to create and initialise the SSLContext", e);
    }
    if (!client) {
        // Server: wrap the context in an SNI-aware context. "localhost" is matched explicitly,
        // and the same context is also registered as the default context.
        SNIContextMatcher matcher = new SNIContextMatcher.Builder().setDefaultContext(sslContext).addMatch("localhost", sslContext).build();
        return new SNISSLContext(matcher);
    } else {
        // Client: return the plain context.
        return sslContext;
    }
}
Also used: SNIContextMatcher (io.undertow.protocols.ssl.SNIContextMatcher), SNISSLContext (io.undertow.protocols.ssl.SNISSLContext), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), KeyStoreException (java.security.KeyStoreException), IOException (java.io.IOException), SSLContext (javax.net.ssl.SSLContext), KeyManagementException (java.security.KeyManagementException), KeyManagerFactory (javax.net.ssl.KeyManagerFactory), TrustManager (javax.net.ssl.TrustManager), UnrecoverableKeyException (java.security.UnrecoverableKeyException), TrustManagerFactory (javax.net.ssl.TrustManagerFactory), KeyManager (javax.net.ssl.KeyManager)

Aggregations

SNIContextMatcher (io.undertow.protocols.ssl.SNIContextMatcher): 1
SNISSLContext (io.undertow.protocols.ssl.SNISSLContext): 1
IOException (java.io.IOException): 1
KeyManagementException (java.security.KeyManagementException): 1
KeyStoreException (java.security.KeyStoreException): 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
UnrecoverableKeyException (java.security.UnrecoverableKeyException): 1
KeyManager (javax.net.ssl.KeyManager): 1
KeyManagerFactory (javax.net.ssl.KeyManagerFactory): 1
SSLContext (javax.net.ssl.SSLContext): 1
TrustManager (javax.net.ssl.TrustManager): 1
TrustManagerFactory (javax.net.ssl.TrustManagerFactory): 1