use of javax.net.ssl.SSLParameters in project ignite by apache.
the class SslContextFactory method createSslContext.
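/**
 * Creates SSL context based on factory settings.
 * <p>
 * Key managers are always built from the configured key store. Trust managers are taken from the
 * {@code trustMgrs} field when it is set; the configured trust store is loaded only when that field
 * is {@code null}. Caller-supplied trust managers therefore replace trust-store based validation
 * entirely, and peer authentication is only as strict as those managers.
 * <p>
 * When {@code cipherSuites} or {@code protocols} is set, the context is wrapped in
 * {@code SSLContextWrapper} together with the matching {@link SSLParameters}. When both are
 * {@code null} no restriction is applied here and the plain context for {@code proto} is returned.
 *
 * @return Initialized SSL context.
 * @throws SSLException If SSL context could not be created.
 */
private SSLContext createSslContext() throws SSLException {
    checkParameters();

    final KeyManager[] keyMgrs;

    try {
        KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance(keyAlgorithm);

        KeyStore keyStore = loadKeyStore(keyStoreType, keyStoreFilePath, keyStorePwd);

        keyMgrFactory.init(keyStore, keyStorePwd);

        keyMgrs = keyMgrFactory.getKeyManagers();
    } catch (NoSuchAlgorithmException e) {
        throw new SSLException("Unsupported keystore algorithm: " + keyAlgorithm, e);
    } catch (GeneralSecurityException e) {
        // The message carries the store type and path only; the password is not included.
        throw new SSLException("Failed to initialize key store (security exception occurred) [type=" + keyStoreType + ", keyStorePath=" + keyStoreFilePath + ']', e);
    }

    TrustManager[] trustMgrs = this.trustMgrs;

    if (trustMgrs == null) {
        try {
            // The key manager algorithm name is reused for the trust manager factory.
            // NOTE(review): the two factories have separate algorithm name sets - confirm that every
            // value accepted for keyAlgorithm is also valid for TrustManagerFactory.
            TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(keyAlgorithm);

            KeyStore trustStore = loadKeyStore(trustStoreType, trustStoreFilePath, trustStorePwd);

            trustMgrFactory.init(trustStore);

            trustMgrs = trustMgrFactory.getTrustManagers();
        } catch (NoSuchAlgorithmException e) {
            throw new SSLException("Unsupported keystore algorithm: " + keyAlgorithm, e);
        } catch (GeneralSecurityException e) {
            // Report the trust store that actually failed. The previous message named the key store
            // type and path here, which pointed operators at the wrong file.
            throw new SSLException("Failed to initialize trust store (security exception occurred) [type=" + trustStoreType + ", trustStorePath=" + trustStoreFilePath + ']', e);
        }
    }

    try {
        SSLContext ctx = SSLContext.getInstance(proto);

        if (cipherSuites != null || protocols != null) {
            SSLParameters sslParameters = new SSLParameters();

            if (cipherSuites != null) {
                sslParameters.setCipherSuites(cipherSuites);
            }

            if (protocols != null) {
                sslParameters.setProtocols(protocols);
            }

            // SSLContextWrapper is defined elsewhere; presumably it applies these parameters to the
            // sockets and engines it creates - verify against that class.
            ctx = new SSLContextWrapper(ctx, sslParameters);
        }

        // A null SecureRandom leaves the choice of random source to the provider.
        ctx.init(keyMgrs, trustMgrs, null);

        return ctx;
    } catch (NoSuchAlgorithmException e) {
        throw new SSLException("Unsupported SSL protocol: " + proto, e);
    } catch (KeyManagementException e) {
        throw new SSLException("Failed to initialized SSL context.", e);
    }
}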
use of javax.net.ssl.SSLParameters in project ignite by apache.
the class GridSslBasicContextFactory method createSslContext.
/**
 * {@inheritDoc}
 * <p>
 * Key managers come from the configured key store. Trust managers come from the {@code trustMgrs}
 * field when it is set, otherwise from the configured trust store, so a caller-supplied trust
 * manager array fully replaces trust-store based certificate validation.
 */
@Override
public SSLContext createSslContext() throws SSLException {
    checkParameters();

    try {
        final KeyManagerFactory kmFactory = KeyManagerFactory.getInstance(keyAlgorithm);
        final KeyStore identityStore = loadKeyStore(keyStoreType, keyStoreFilePath, keyStorePwd);
        kmFactory.init(identityStore, keyStorePwd);

        TrustManager[] effectiveTrustMgrs = trustMgrs;
        if (effectiveTrustMgrs == null) {
            // The key manager algorithm name is reused for the trust manager factory.
            final TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(keyAlgorithm);
            final KeyStore trustAnchors = loadKeyStore(trustStoreType, trustStoreFilePath, trustStorePwd);
            tmFactory.init(trustAnchors);
            effectiveTrustMgrs = tmFactory.getTrustManagers();
        }

        SSLContext ctx = SSLContext.getInstance(proto);

        // Wrap the context only when at least one restriction was configured.
        final boolean restricted = cipherSuites != null || protocols != null;
        if (restricted) {
            final SSLParameters restrictions = new SSLParameters();
            if (cipherSuites != null) {
                restrictions.setCipherSuites(cipherSuites);
            }
            if (protocols != null) {
                restrictions.setProtocols(protocols);
            }
            ctx = new SSLContextWrapper(ctx, restrictions);
        }

        // A null SecureRandom leaves the choice of random source to the provider.
        ctx.init(kmFactory.getKeyManagers(), effectiveTrustMgrs, null);
        return ctx;
    } catch (GeneralSecurityException e) {
        // NOTE(review): parameters() is defined elsewhere and ends up in the exception message;
        // confirm it does not render the key store or trust store passwords.
        throw new SSLException("Failed to initialize SSL context " + parameters(), e);
    }
}
use of javax.net.ssl.SSLParameters in project oxCore by GluuFederation.
the class RedisShardedProvider method shards.
/**
 * Builds one {@code JedisShardInfo} per comma-separated entry of the configured server list.
 * <p>
 * An entry is parsed as {@code host:port} when it contains ':' and no '@', and the whole server
 * string contains no "//"; every other entry is handed to {@code JedisShardInfo} unparsed. Because
 * the "//" test looks at the whole server string, one URI-style entry switches all entries to the
 * unparsed form, and for those the {@code useSSL} setting is not consulted here.
 * <p>
 * For {@code host:port} entries with SSL enabled, the custom socket factory and hostname verifier
 * are used only when both the trust store path and the key store path are configured. With only
 * one of them set, the configured store is not used and the three-argument SSL constructor is
 * called instead.
 *
 * @param configuration Redis settings holding the server list and SSL options
 * @return shard descriptors; entries whose construction failed are logged and left out
 */
private static List<JedisShardInfo> shards(RedisConfiguration configuration) {
    final String[] entries = StringUtils.split(configuration.getServers().trim(), ",");
    final List<JedisShardInfo> result = new ArrayList<JedisShardInfo>();

    for (String rawEntry : entries) {
        final String entry = rawEntry.trim();

        final boolean plainHostPort = entry.contains(":")
                && !entry.contains("@")
                && !configuration.getServers().contains("//");
        if (!plainHostPort) {
            result.add(new JedisShardInfo(entry));
            continue;
        }

        // Parsing stays outside the try block, so a malformed port still propagates to the caller.
        final String[] parts = entry.split(":");
        final String host = parts[0];
        final int port = Integer.parseInt(parts[1].trim());

        try {
            final JedisShardInfo shardInfo;
            if (!configuration.getUseSSL()) {
                shardInfo = new JedisShardInfo(host, port);
            } else if (StringUtils.isNotBlank(configuration.getSslTrustStoreFilePath())
                    && StringUtils.isNotBlank(configuration.getSslKeyStoreFilePath())) {
                // Empty SSLParameters: no protocol or cipher restriction is set here, and hostname
                // checking is delegated to the DefaultHostnameVerifier instance.
                shardInfo = new JedisShardInfo(host, port, true,
                        RedisProviderFactory.createSslSocketFactory(configuration),
                        new SSLParameters(), new DefaultHostnameVerifier());
            } else {
                // NOTE(review): no socket factory or hostname verifier is passed on this path;
                // confirm how the Jedis version in use validates the server certificate and host
                // name when none is supplied.
                shardInfo = new JedisShardInfo(host, port, true);
            }
            result.add(shardInfo);
        } catch (Exception e) {
            // Best effort: a shard that cannot be built is logged and dropped from the result.
            LOG.error("Failed to create shard info.", e);
        }
    }

    return result;
}
use of javax.net.ssl.SSLParameters in project oxCore by GluuFederation.
the class RedisStandaloneProvider method create.
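/**
 * Creates the Jedis pool for the first host of the configured server list and then calls
 * {@code testConnection()}.
 * <p>
 * With SSL enabled, the custom socket factory and hostname verifier are used only when both the
 * trust store path and the key store path are configured; otherwise the pool is created with the
 * SSL flag alone. The configured connection timeout and password are passed on every path.
 *
 * @throws IllegalStateException if the pool cannot be created or {@code testConnection()} fails
 */
public void create() {
    LOG.debug("Starting RedisStandaloneProvider ...");
    try {
        JedisPoolConfig poolConfig = createPoolConfig();
        HostAndPort hostAndPort = RedisClusterProvider.hosts(redisConfiguration.getServers()).iterator().next();
        String password = redisConfiguration.getPassword();

        if (redisConfiguration.getUseSSL()) {
            if (StringUtils.isNotBlank(redisConfiguration.getSslTrustStoreFilePath()) && StringUtils.isNotBlank(redisConfiguration.getSslKeyStoreFilePath())) {
                SSLSocketFactory sslSocketFactory = RedisProviderFactory.createSslSocketFactory(redisConfiguration);
                // Pass the timeout and password here as well. The shorter constructor used before
                // took neither, so a configured Redis password was not applied on this path.
                // Empty SSLParameters: no protocol or cipher restriction is set here, and hostname
                // checking is delegated to the DefaultHostnameVerifier instance.
                pool = new JedisPool(poolConfig, hostAndPort.getHost(), hostAndPort.getPort(), redisConfiguration.getConnectionTimeout(), password, true, sslSocketFactory, new SSLParameters(), new DefaultHostnameVerifier());
            } else {
                // NOTE(review): no socket factory or hostname verifier is passed on this path;
                // confirm how the Jedis version in use validates the server certificate and host
                // name when none is supplied.
                pool = new JedisPool(poolConfig, hostAndPort.getHost(), hostAndPort.getPort(), redisConfiguration.getConnectionTimeout(), password, true);
            }
        } else {
            pool = new JedisPool(poolConfig, hostAndPort.getHost(), hostAndPort.getPort(), redisConfiguration.getConnectionTimeout(), password);
        }

        testConnection();
        LOG.debug("RedisStandaloneProvider started.");
    } catch (Exception e) {
        LOG.error("Problems connecting with Redis", e);
        throw new IllegalStateException("Error starting RedisStandaloneProvider", e);
    }
}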
use of javax.net.ssl.SSLParameters in project gradle by gradle.
the class BlockingHttpsServer method configure.
/**
 * Installs an HTTPS configurator that offers the enabled cipher suites of the key store's SSL
 * context and only those TLS protocol versions accepted by the filter. Client certificates are
 * not required.
 *
 * @param testKeyStore The key store to configure this server from.
 * @param tlsProtocolFilter Used to prune the supported set of TLS versions
 */
public void configure(TestKeyStore testKeyStore, Predicate<String> tlsProtocolFilter) {
    final HttpsServer target = (HttpsServer) this.server;
    final SSLContext keyStoreContext = testKeyStore.asSSLContext();

    final HttpsConfigurator configurator = new HttpsConfigurator(keyStoreContext) {
        @Override
        public void configure(HttpsParameters params) {
            final SSLContext ctx = getSSLContext();
            // The engine is created only to read the enabled suites and protocols.
            final SSLEngine probe = ctx.createSSLEngine();

            params.setNeedClientAuth(false);
            params.setCipherSuites(probe.getEnabledCipherSuites());

            // The protocol filter is applied twice: to the HttpsParameters list and to the
            // SSLParameters handed over below.
            final String[] enabledProtocols = probe.getEnabledProtocols();
            params.setProtocols(retainAccepted(enabledProtocols));

            final SSLParameters defaults = ctx.getDefaultSSLParameters();
            final String[] defaultProtocols = defaults.getProtocols();
            defaults.setProtocols(retainAccepted(defaultProtocols));
            params.setSSLParameters(defaults);
        }

        /** Returns the protocol names accepted by the filter, in their original order. */
        private String[] retainAccepted(String[] candidates) {
            // A filter that rejects every name yields an empty array.
            return Arrays.stream(candidates)
                .filter(tlsProtocolFilter)
                .toArray(size -> new String[size]);
        }
    };

    target.setHttpsConfigurator(configurator);
}