
Example 31 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project Payara by payara.

the class IIOPSSLSocketFactory method createSSLServerSocket.

// ----- END implements com.sun.corba.ee.spi.transport.ORBSocketFactory -----
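/**
 * Create an SSL server socket bound to the given address and port.
 *
 * <p>The port must have an {@code SSLInfo} registered in {@code portToSSLInfo};
 * that entry supplies the SSL context and the optional cipher lists. When
 * {@code type} equals {@code SSL_MUTUALAUTH} the socket is set to
 * <em>require</em> a client certificate ({@code setNeedClientAuth(true)}), so a
 * handshake without one fails instead of falling back to server-only
 * authentication.
 *
 * <p>If configuration fails after the socket has been bound, the socket is
 * closed before the exception propagates, so the port is not left held by a
 * half-configured listener.
 *
 * @param type the socket type; compared against {@code SSL_MUTUALAUTH}
 * @param inetSocketAddress the local address and port to bind to
 * @return the bound and configured SSL server socket
 * @throws IOException if the address is null, no SSL configuration is
 *         registered for the port, the socket cannot be created, or client
 *         authentication cannot be configured
 */
private ServerSocket createSSLServerSocket(String type, InetSocketAddress inetSocketAddress) throws IOException {
    if (inetSocketAddress == null) {
        throw new IOException(getFormatMessage("iiop.invalid_sslserverport", new Object[] { null }));
    }
    int port = inetSocketAddress.getPort();
    Integer iport = Integer.valueOf(port);
    SSLInfo sslInfo = (SSLInfo) portToSSLInfo.get(iport);
    if (sslInfo == null) {
        // Refuse to open a listener on a port that has no SSL configuration.
        throw new IOException(getFormatMessage("iiop.invalid_sslserverport", new Object[] { iport }));
    }
    SSLServerSocketFactory ssf = sslInfo.getContext().getServerSocketFactory();
    String[] ssl3TlsCiphers = sslInfo.getSsl3TlsCiphers();
    String[] ssl2Ciphers = sslInfo.getSsl2Ciphers();
    // A null result means "leave the factory's default cipher suites enabled".
    // NOTE(review): only cipher suites are constrained in this method; the enabled
    // protocol versions are whatever the SSLContext provides. Confirm elsewhere
    // that legacy protocols are disabled, and check what mergeCiphers does with
    // the SSL2 list.
    String[] ciphers = null;
    if (ssl3TlsCiphers != null || ssl2Ciphers != null) {
        ciphers = mergeCiphers(ssf.getDefaultCipherSuites(), ssl3TlsCiphers, ssl2Ciphers);
    }
    if (_logger.isLoggable(Level.FINE)) {
        for (String suite : ssf.getSupportedCipherSuites()) {
            _logger.log(Level.FINE, "Cipher Suite: " + suite);
        }
    }
    ServerSocket ss = null;
    boolean configured = false;
    try {
        try {
            // bugfix for 6349541
            // specify the ip address to bind to, 50 is the default used
            // by the ssf implementation when only the port is specified
            ss = ssf.createServerSocket(port, BACKLOG, inetSocketAddress.getAddress());
            if (ciphers != null) {
                ((SSLServerSocket) ss).setEnabledCipherSuites(ciphers);
            }
        } catch (IOException e) {
            _logger.log(Level.SEVERE, "iiop.createsocket_exception", new Object[] { type, String.valueOf(port) });
            _logger.log(Level.SEVERE, "", e);
            throw e;
        }
        try {
            // A null type fails here and is reported as an IOException, so a
            // caller that passes no type never gets a socket back.
            if (type.equals(SSL_MUTUALAUTH)) {
                _logger.log(Level.FINE, "Setting Mutual auth");
                ((SSLServerSocket) ss).setNeedClientAuth(true);
            }
        } catch (Exception e) {
            _logger.log(Level.SEVERE, "iiop.cipher_exception", e);
            // Keep the original exception as the cause so the stack trace survives.
            throw new IOException(e.getMessage(), e);
        }
        configured = true;
    } finally {
        // Covers the IOException paths above and unchecked failures such as an
        // unsupported cipher suite name: release the bound port on any error.
        if (!configured && ss != null) {
            try {
                ss.close();
            } catch (IOException closeFailure) {
                _logger.log(Level.FINE, "Failed to close server socket after setup error", closeFailure);
            }
        }
    }
    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "Created server socket:" + ss);
    }
    return ss;
}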
Also used : SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) ServerSocket(java.net.ServerSocket) SSLServerSocket(javax.net.ssl.SSLServerSocket) IOException(java.io.IOException) SSLServerSocket(javax.net.ssl.SSLServerSocket) SocketException(java.net.SocketException) IOException(java.io.IOException)

Example 32 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project Payara by payara.

the class SSLSocketFactory method createSocket.

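/**
 * Create the SSL server socket at the specified port and apply this factory's
 * settings to it through {@code init}.
 *
 * <p>If the created socket is not an {@code SSLServerSocket}, or {@code init}
 * fails, the socket is closed before the exception propagates so the port is
 * released.
 *
 * @param port the port number.
 * @return the SSL server socket.
 * @throws IOException if the socket cannot be created.
 */
@Override
public ServerSocket createSocket(int port) throws IOException {
    // NOTE(review): no bind address is passed. Assuming factory is a
    // javax.net.ServerSocketFactory, this overload listens on all local
    // addresses; confirm that exposure is intended for this endpoint.
    ServerSocket created = factory.createServerSocket(port);
    boolean ready = false;
    try {
        SSLServerSocket socket = (SSLServerSocket) created;
        init(socket);
        ready = true;
        return socket;
    } finally {
        if (!ready) {
            try {
                created.close();
            } catch (IOException ignored) {
                // Best effort: the failure that brought us here is the one to report.
            }
        }
    }
}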
Also used : SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 33 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project tomee by apache.

the class ServiceDaemon method start.

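/**
 * Starts the wrapped service, opens the listening socket (TLS when
 * {@code secure} is set, plain otherwise), starts the daemon listener thread and,
 * when a {@code DiscoveryAgent} and a discovery URI format are available,
 * registers the service URI with the agent.
 *
 * <p>Calling this on an already started daemon is a no-op. If opening or
 * configuring the socket fails, the socket is closed before the
 * {@link ServiceException} is thrown, and an interrupt received during the
 * bind retry is restored on the current thread.
 *
 * @throws ServiceException if the server socket cannot be opened or configured
 */
@Override
public void start() throws ServiceException {
    synchronized (this) {
        // Don't bother if we are already started/starting
        if (this.socketListener != null) {
            return;
        }
        this.next.start();
        ServerSocket opened = null;
        try {
            if (this.secure) {
                // NOTE(review): the JVM-wide default SSL socket factory is used, so key
                // material and protocol versions come from the process defaults. The
                // only TLS setting applied here is the cipher suite list, and no
                // client authentication is configured in this method.
                final ServerSocketFactory factory = SSLServerSocketFactory.getDefault();
                opened = factory.createServerSocket(this.port, this.backlog, this.inetAddress);
                ((SSLServerSocket) opened).setEnabledCipherSuites(this.enabledCipherSuites);
            } else {
                opened = new ServerSocket();
                opened.setReuseAddress(true);
                try {
                    opened.bind(new InetSocketAddress(this.inetAddress, this.port), this.backlog);
                } catch (final BindException e) {
                    // One retry - Port may be closing
                    Thread.sleep(1000);
                    opened.bind(new InetSocketAddress(this.inetAddress, this.port), this.backlog);
                }
            }
            opened.setSoTimeout(this.timeout);
            int serverPort = opened.getLocalPort();
            // Port 0 means "pick any free port": publish the one actually bound.
            if (this.port == 0 && next.getName() != null) {
                SystemInstance.get().getProperties().put(next.getName() + ".port", Integer.toString(serverPort));
                this.port = serverPort;
            }
        } catch (Exception e) {
            if (e instanceof InterruptedException) {
                // Do not lose the interrupt raised while waiting for the bind retry.
                Thread.currentThread().interrupt();
            }
            if (opened != null) {
                // Release the port instead of leaving a bound socket nobody accepts on.
                try {
                    opened.close();
                } catch (IOException closeFailure) {
                    log.error("Failed to close server socket after start-up error", closeFailure);
                }
            }
            throw new ServiceException("Service failed to open socket", e);
        }
        final ServerSocket serverSocket = opened;
        this.socketListener = new SocketListener(this.next, serverSocket);
        final Thread thread = new Thread(this.socketListener);
        thread.setName("Service." + this.getName() + "@" + this.socketListener.hashCode());
        thread.setDaemon(true);
        thread.start();
        final DiscoveryAgent agent = SystemInstance.get().getComponent(DiscoveryAgent.class);
        if (agent != null && this.discoveryUriFormat != null) {
            final Map<String, String> map = new HashMap<String, String>();
            // add all the properties that were used to construct this service
            // NOTE(review): every property becomes available to the discovery URI
            // template; confirm that none of them carries a secret.
            for (final Map.Entry<Object, Object> entry : this.props.entrySet()) {
                map.put(entry.getKey().toString(), entry.getValue().toString());
            }
            map.put("port", Integer.toString(this.port));
            String address = this.ip;
            if ("0.0.0.0".equals(address)) {
                // A wildcard bind cannot be advertised as is; publish the local host
                // address instead. On lookup failure "0.0.0.0" is still advertised.
                try {
                    address = InetAddress.getLocalHost().getHostAddress();
                } catch (UnknownHostException e) {
                    log.error("Failed to resolve 0.0.0.0 to a routable address", e);
                }
            }
            map.put("host", address);
            map.put("bind", address);
            final String uriString = this.discoveryUriFormat.apply(map);
            try {
                this.serviceUri = new URI(uriString);
                agent.registerService(this.serviceUri);
            } catch (Exception e) {
                // Registration is best effort: the service keeps running unadvertised.
                log.error("Cannot register service '" + this.getName() + "' with DiscoveryAgent.", e);
            }
        }
    }
}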
Also used : UnknownHostException(java.net.UnknownHostException) HashMap(java.util.HashMap) SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) ServerSocketFactory(javax.net.ServerSocketFactory) InetSocketAddress(java.net.InetSocketAddress) BindException(java.net.BindException) ServerSocket(java.net.ServerSocket) SSLServerSocket(javax.net.ssl.SSLServerSocket) SSLServerSocket(javax.net.ssl.SSLServerSocket) URI(java.net.URI) BindException(java.net.BindException) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 34 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project apjp by jvansteirteghem.

the class HTTPS method createSSLServerSocket.

/**
 * Returns an unbound {@link SSLServerSocket} whose TLS identity is a certificate
 * named after {@code remoteAddress} (or {@code remoteAddress:remotePort} when the
 * port is not 443).
 *
 * <p>The certificate is looked up in the default key store under that alias. When
 * it is missing, a new one is built, signed with the private key stored under the
 * alias "APJP", and added to that key store object. The address and port are used
 * only for the alias and the certificate's CN; the caller binds the socket.
 *
 * <p>Properties a reviewer or operator should be aware of, all visible in the body:
 * <ul>
 * <li>every generated certificate carries the public key of the "APJP"
 * certificate and is stored with the "APJP" private key, so the signing key and
 * all leaf keys are the same key pair;</li>
 * <li>the key store and key password is the literal "APJP";</li>
 * <li>certificates are signed with SHA-1 with RSA;</li>
 * <li>serial numbers are the current time in milliseconds;</li>
 * <li>validity runs from one year in the past to ten years in the future.</li>
 * </ul>
 * A client that trusts the "APJP" certificate may accept certificates produced
 * here for any host name, so that trust should stay confined to the installation
 * that owns the key store.
 *
 * @param remoteAddress host name used to build the certificate alias and CN
 * @param remotePort port used in the alias unless it is 443
 * @return an unbound SSL server socket presenting the certificate
 * @throws HTTPSException wrapping any exception raised while building the socket
 */
public static synchronized SSLServerSocket createSSLServerSocket(String remoteAddress, int remotePort) throws HTTPSException {
    try {
        KeyStore defaultKeyStore = getDefaultKeyStore();
        // Alias and password are the same hard-coded literal.
        PrivateKey privateKey = (PrivateKey) defaultKeyStore.getKey("APJP", "APJP".toCharArray());
        Certificate certificateAuthority = defaultKeyStore.getCertificate("APJP");
        // One key store entry per target: host for port 443, host:port otherwise.
        String certificateAlias;
        if (remotePort == 443) {
            certificateAlias = remoteAddress;
        } else {
            certificateAlias = remoteAddress + ":" + remotePort;
        }
        Certificate certificate = defaultKeyStore.getCertificate(certificateAlias);
        if (certificate == null) {
            // No certificate for this target yet: build and sign one.
            X509Certificate x509CertificateAuthority = new X509Certificate(certificateAuthority.getEncoded());
            X509Certificate x509Certificate = new X509Certificate();
            Name name = new Name();
            // CN (2.5.4.3): the alias, i.e. the host name, plus the port when it is not 443
            name.addRDN(new ObjectID("2.5.4.3"), certificateAlias);
            // O (2.5.4.10)
            name.addRDN(new ObjectID("2.5.4.10"), "APJP");
            // OU (2.5.4.11)
            name.addRDN(new ObjectID("2.5.4.11"), "APJP");
            x509Certificate.setSubjectDN(name);
            // NOTE(review): this copies the signing certificate's issuer DN, not its
            // subject DN; the two match only if that certificate is self-signed - confirm.
            x509Certificate.setIssuerDN(x509CertificateAuthority.getIssuerDN());
            // Valid from 365 days ago until 10 * 365 days from now.
            x509Certificate.setValidNotBefore(new Date(new Date().getTime() - 1 * (1000L * 60 * 60 * 24 * 365)));
            x509Certificate.setValidNotAfter(new Date(new Date().getTime() + 10 * (1000L * 60 * 60 * 24 * 365)));
            // Serial number is the wall-clock time in milliseconds, so it is predictable
            // and two certificates created in the same millisecond would share it.
            x509Certificate.setSerialNumber(BigInteger.valueOf(new Date().getTime()));
            // The new certificate reuses the signing certificate's public key; no
            // separate key pair is generated for it.
            x509Certificate.setPublicKey(x509CertificateAuthority.getPublicKey());
            // SHA1_WITH_RSA_ENCRYPTION (1.2.840.113549.1.1.5). SHA-1 signatures are
            // deprecated and current TLS clients commonly reject them.
            x509Certificate.sign(new AlgorithmID(new ObjectID("1.2.840.113549.1.1.5")), privateKey);
            // Chain: new certificate first, signing certificate second.
            X509Certificate[] x509CertificateArray = new X509Certificate[2];
            x509CertificateArray[0] = x509Certificate;
            x509CertificateArray[1] = x509CertificateAuthority;
            // Store the result in the default key store object under the target alias.
            // NOTE(review): whether the key store is written back to disk is not visible here.
            defaultKeyStore.setCertificateEntry(certificateAlias, x509Certificate);
            defaultKeyStore.setKeyEntry(certificateAlias, privateKey, "APJP".toCharArray(), x509CertificateArray);
            certificate = x509Certificate;
        }
        Certificate[] certificateArray = new Certificate[2];
        certificateArray[0] = certificate;
        certificateArray[1] = certificateAuthority;
        // Fresh in-memory key store holding only this target's certificate and key,
        // again under the alias and password "APJP".
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, "APJP".toCharArray());
        keyStore.setCertificateEntry("APJP", certificate);
        keyStore.setKeyEntry("APJP", privateKey, "APJP".toCharArray(), certificateArray);
        // "TLS" selects the provider's default protocol set; no protocol versions or
        // cipher suites are restricted in this method.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "APJP".toCharArray());
        // The trust managers are initialised from the same in-memory key store.
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) sslContext.getServerSocketFactory();
        // The no-argument overload returns an unbound socket.
        return (SSLServerSocket) sslServerSocketFactory.createServerSocket();
    } catch (Exception e) {
        // Every failure is logged and rethrown with the original exception as cause.
        logger.log(2, "HTTPS/CREATE_SSL_SERVER_SOCKET: EXCEPTION", e);
        throw new HTTPSException("HTTPS/CREATE_SSL_SERVER_SOCKET", e);
    }
}
Also used : PrivateKey(java.security.PrivateKey) ObjectID(iaik.asn1.ObjectID) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket) KeyStore(java.security.KeyStore) X509Certificate(iaik.x509.X509Certificate) Date(java.util.Date) Name(iaik.asn1.structures.Name) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) AlgorithmID(iaik.asn1.structures.AlgorithmID) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) Certificate(java.security.cert.Certificate) X509Certificate(iaik.x509.X509Certificate)

Example 35 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project jetty.project by eclipse.

the class SslContextFactory method newSslServerSocket.

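/**
 * Creates an SSL server socket from this factory's {@code SSLContext} and applies
 * the factory's customised {@code SSLParameters} to it.
 *
 * <p>If applying the parameters fails, the already bound socket is closed before
 * the exception propagates, so the port is not left occupied.
 *
 * @param host the local host name or address to bind to, or {@code null} to
 *        listen on all local addresses
 * @param port the port to listen on
 * @param backlog the listen backlog
 * @return the bound and customised SSL server socket
 * @throws IOException if the host cannot be resolved or the socket cannot be created
 */
public SSLServerSocket newSslServerSocket(String host, int port, int backlog) throws IOException {
    checkIsStarted();
    SSLContext context = getSslContext();
    SSLServerSocketFactory factory = context.getServerSocketFactory();
    // A null host selects the overload without a bind address (wildcard bind).
    SSLServerSocket socket = (SSLServerSocket) (host == null ? factory.createServerSocket(port, backlog) : factory.createServerSocket(port, backlog, InetAddress.getByName(host)));
    boolean customized = false;
    try {
        // The socket must not be handed out with the context's default parameters;
        // the settings chosen by customize() are applied before it is returned.
        socket.setSSLParameters(customize(socket.getSSLParameters()));
        customized = true;
        return socket;
    } finally {
        if (!customized) {
            try {
                socket.close();
            } catch (IOException ignored) {
                // Best effort: the failure that brought us here is the one to report.
            }
        }
    }
}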
Also used : SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)
