Example 11 with ServerEncryptionOptions

use of org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions in project cassandra by apache.

the class SSLFactoryTest method testPEMSslContextReload_HappyPath.

@Test
public void testPEMSslContextReload_HappyPath() throws IOException, InterruptedException {
    try {
        ServerEncryptionOptions options = addPEMKeystoreOptions(encryptionOptions).withInternodeEncryption(ServerEncryptionOptions.InternodeEncryption.all);
        SSLFactory.initHotReloading(options, options, true);
        SslContext oldCtx = SSLFactory.getOrCreateSslContext(options, true, ISslContextFactory.SocketType.CLIENT);
        File keystoreFile = new File(options.keystore);
        SSLFactory.checkCertFilesForHotReloading(options, options);
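        // Simulate a certificate rotation by pushing the keystore's last-modified time forward.
        keystoreFile.trySetLastModified(System.currentTimeMillis() + 15000);
        SSLFactory.checkCertFilesForHotReloading(options, options);
        SslContext newCtx = SSLFactory.getOrCreateSslContext(options, true, ISslContextFactory.SocketType.CLIENT);
        // After the hot-reload check a different SslContext instance must be returned.
        Assert.assertNotSame(oldCtx, newCtx);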
    } catch (Exception e) {
        throw e;
    } finally {
        DatabaseDescriptor.loadConfig();
    }
}
Also used : ServerEncryptionOptions(org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions) File(org.apache.cassandra.io.util.File) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SslContext(io.netty.handler.ssl.SslContext) Test(org.junit.Test)

Example 12 with ServerEncryptionOptions

use of org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions in project cassandra by apache.

the class SSLFactoryTest method testSslFactorySslInit_BadPassword_ThrowsException.

@Test(expected = IOException.class)
public void testSslFactorySslInit_BadPassword_ThrowsException() throws IOException {
    // A wrong keystore password must surface as an IOException when the context is validated.
    ServerEncryptionOptions options = addKeystoreOptions(encryptionOptions).withKeyStorePassword("bad password").withInternodeEncryption(ServerEncryptionOptions.InternodeEncryption.all);
    SSLFactory.validateSslContext("testSslFactorySslInit_BadPassword_ThrowsException", options, false, true);
}
Also used : ServerEncryptionOptions(org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions) Test(org.junit.Test)

Example 13 with ServerEncryptionOptions

use of org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions in project cassandra by apache.

the class SSLFactoryTest method testSslFactoryHotReload_BadPassword_DoesNotClearExistingSslContext.

@Test
public void testSslFactoryHotReload_BadPassword_DoesNotClearExistingSslContext() throws IOException {
    try {
        ServerEncryptionOptions options = addKeystoreOptions(encryptionOptions);
        SSLFactory.initHotReloading(options, options, true);
        SslContext oldCtx = SSLFactory.getOrCreateSslContext(options, true, ISslContextFactory.SocketType.CLIENT);
        File keystoreFile = new File(options.keystore);
        SSLFactory.checkCertFilesForHotReloading(options, options);
        // Mark the keystore as modified, then run the hot-reload check with a wrong keystore password.
        keystoreFile.trySetLastModified(System.currentTimeMillis() + 5000);
        ServerEncryptionOptions modOptions = new ServerEncryptionOptions(options).withKeyStorePassword("bad password");
        SSLFactory.checkCertFilesForHotReloading(modOptions, modOptions);
        SslContext newCtx = SSLFactory.getOrCreateSslContext(options, true, ISslContextFactory.SocketType.CLIENT);
        // The failed reload must leave the previously built context in place.
        Assert.assertSame(oldCtx, newCtx);
    } finally {
        DatabaseDescriptor.loadConfig();
    }
}
Also used : ServerEncryptionOptions(org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions) File(org.apache.cassandra.io.util.File) SslContext(io.netty.handler.ssl.SslContext) Test(org.junit.Test)

Example 14 with ServerEncryptionOptions

use of org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions in project cassandra by apache.

the class MessagingServiceTest method listenRequiredSecureConnection.

@Test
public void listenRequiredSecureConnection() throws InterruptedException {
    ServerEncryptionOptions serverEncryptionOptions = new ServerEncryptionOptions().withOptional(false).withInternodeEncryption(ServerEncryptionOptions.InternodeEncryption.all).withLegacySslStoragePort(false);
    listen(serverEncryptionOptions, false);
}
Also used : ServerEncryptionOptions(org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions) Test(org.junit.Test)

Example 15 with ServerEncryptionOptions

use of org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions in project cassandra by apache.

the class MessagingServiceTest method listenRequiredSecureConnectionWithBroadcastAddr.

@Test
public void listenRequiredSecureConnectionWithBroadcastAddr() throws InterruptedException {
    ServerEncryptionOptions serverEncryptionOptions = new ServerEncryptionOptions().withOptional(false).withInternodeEncryption(ServerEncryptionOptions.InternodeEncryption.all).withLegacySslStoragePort(false);
    listen(serverEncryptionOptions, true);
}
Also used : ServerEncryptionOptions(org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions) Test(org.junit.Test)

Aggregations

ServerEncryptionOptions (org.apache.cassandra.config.EncryptionOptions.ServerEncryptionOptions) 16
Test (org.junit.Test) 14
SslContext (io.netty.handler.ssl.SslContext) 4
File (org.apache.cassandra.io.util.File) 4
IOException (java.io.IOException) 3
CertificateException (java.security.cert.CertificateException) 3
SSLServerSocket (javax.net.ssl.SSLServerSocket) 1
IInternodeAuthenticator (org.apache.cassandra.auth.IInternodeAuthenticator) 1
ConfigurationException (org.apache.cassandra.exceptions.ConfigurationException) 1
InetAddressAndPort (org.apache.cassandra.locator.InetAddressAndPort) 1