
Example 1 with SslConfig

use of org.apache.dubbo.config.SslConfig in project dubbo by alibaba.

the class GrpcOptionsUtils method buildServerSslContext.

/**
 * Builds the server-side {@link SslContext} for the gRPC transport from the globally
 * registered {@link SslConfig}.
 *
 * <p>The certificate chain and private key streams are passed to
 * {@code GrpcSslContexts.forServer}; the key password is supplied only when one is configured.
 * {@code ClientAuth.REQUIRE} is set only when a server trust collection stream is available;
 * without one, no client-certificate requirement is set here and the builder's default applies.
 *
 * <p>{@code sslConfig.getCiphers()} and {@code sslConfig.getProtocols()} are not consulted in
 * this method, so the cipher and protocol selection is whatever {@code GrpcSslContexts} and the
 * builder provide.
 *
 * @param url not read by this method
 * @return the built server context
 * @throws IllegalStateException if no {@code SslConfig} is registered or the final build fails
 * @throws IllegalArgumentException if obtaining or parsing the key material fails
 */
private static SslContext buildServerSslContext(URL url) {
    SslConfig sslConfig = ApplicationModel.getConfigManager()
            .getSsl()
            .orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));

    SslContextBuilder serverContextBuilder = null;
    InputStream certChainStream = null;
    InputStream privateKeyStream = null;
    InputStream trustCertStream = null;
    try {
        certChainStream = sslConfig.getServerKeyCertChainPathStream();
        privateKeyStream = sslConfig.getServerPrivateKeyPathStream();
        String keyPassword = sslConfig.getServerKeyPassword();
        serverContextBuilder = (keyPassword == null)
                ? GrpcSslContexts.forServer(certChainStream, privateKeyStream)
                : GrpcSslContexts.forServer(certChainStream, privateKeyStream, keyPassword);

        // Mutual TLS is opt-in: it is switched on purely by the presence of a trust collection.
        // NOTE(review): a deployment that expects mTLS but omits the trust collection gets no
        // client-certificate requirement from this method and no error — confirm that is intended.
        trustCertStream = sslConfig.getServerTrustCertCollectionPathStream();
        if (trustCertStream != null) {
            serverContextBuilder.trustManager(trustCertStream);
            serverContextBuilder.clientAuth(ClientAuth.REQUIRE);
        }
    } catch (Exception e) {
        // Any failure while loading key material is reported as a configuration problem.
        throw new IllegalArgumentException("Could not find certificate file or the certificate is invalid.", e);
    } finally {
        // The streams are closed on every path, including failures.
        safeCloseStream(certChainStream);
        safeCloseStream(privateKeyStream);
        safeCloseStream(trustCertStream);
    }

    try {
        return serverContextBuilder.build();
    } catch (SSLException e) {
        throw new IllegalStateException("Build SslSession failed.", e);
    }
}
Also used : SslConfig(org.apache.dubbo.config.SslConfig) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) InputStream(java.io.InputStream) SSLException(javax.net.ssl.SSLException) ConfigManager(org.apache.dubbo.config.context.ConfigManager) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException)

Example 2 with SslConfig

use of org.apache.dubbo.config.SslConfig in project dubbo by alibaba.

the class SslContexts method buildServerSslContext.

/**
 * Builds the server-side {@link SslContext} from the globally registered {@link SslConfig}.
 *
 * <p>The certificate chain and private key streams are passed to
 * {@code SslContextBuilder.forServer}; the key password is supplied only when one is configured.
 * {@code ClientAuth.REQUIRE} is set only when a server trust collection stream is available.
 * Cipher suites and protocols are restricted only when the configuration provides them;
 * otherwise the defaults of the selected provider apply.
 *
 * @param url not read by this method
 * @return the built server context, using the provider returned by {@code findSslProvider()}
 * @throws IllegalStateException if no {@code SslConfig} is registered or the final build fails
 * @throws IllegalArgumentException if obtaining or parsing the key material fails
 */
public static SslContext buildServerSslContext(URL url) {
    SslConfig sslConfig = ApplicationModel.getConfigManager()
            .getSsl()
            .orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));

    SslContextBuilder serverContextBuilder = null;
    InputStream certChainStream = null;
    InputStream privateKeyStream = null;
    InputStream trustCertStream = null;
    try {
        certChainStream = sslConfig.getServerKeyCertChainPathStream();
        privateKeyStream = sslConfig.getServerPrivateKeyPathStream();
        trustCertStream = sslConfig.getServerTrustCertCollectionPathStream();
        String keyPassword = sslConfig.getServerKeyPassword();
        serverContextBuilder = (keyPassword == null)
                ? SslContextBuilder.forServer(certChainStream, privateKeyStream)
                : SslContextBuilder.forServer(certChainStream, privateKeyStream, keyPassword);

        // Mutual TLS is opt-in: it is switched on purely by the presence of a trust collection.
        // NOTE(review): without one, no client-certificate requirement is set and nothing is
        // reported — confirm that deployments expecting mTLS always configure it.
        if (trustCertStream != null) {
            serverContextBuilder.trustManager(trustCertStream);
            serverContextBuilder.clientAuth(ClientAuth.REQUIRE);
        }

        // Explicit hardening knobs: applied only when present in the configuration.
        if (sslConfig.getCiphers() != null) {
            serverContextBuilder.ciphers(sslConfig.getCiphers());
        }
        if (sslConfig.getProtocols() != null) {
            serverContextBuilder.protocols(sslConfig.getProtocols());
        }
    } catch (Exception e) {
        // Any failure while loading key material is reported as a configuration problem.
        throw new IllegalArgumentException("Could not find certificate file or the certificate is invalid.", e);
    } finally {
        // The streams are closed on every path, including failures.
        safeCloseStream(certChainStream);
        safeCloseStream(privateKeyStream);
        safeCloseStream(trustCertStream);
    }

    try {
        return serverContextBuilder.sslProvider(findSslProvider()).build();
    } catch (SSLException e) {
        throw new IllegalStateException("Build SslSession failed.", e);
    }
}
Also used : SslConfig(org.apache.dubbo.config.SslConfig) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) InputStream(java.io.InputStream) SSLException(javax.net.ssl.SSLException) ConfigManager(org.apache.dubbo.config.context.ConfigManager) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException)

Example 3 with SslConfig

use of org.apache.dubbo.config.SslConfig in project dubbo by alibaba.

the class SslContexts method buildClientSslContext.

/**
 * Builds the client-side {@link SslContext} from the globally registered {@link SslConfig}.
 *
 * <p>A trust manager is installed only when a client trust collection stream is configured;
 * otherwise the builder's default trust source is used. A client certificate is presented only
 * when both the certificate chain and the private key streams are available. Cipher suites and
 * protocols are restricted only when the configuration provides them.
 *
 * @param url not read by this method
 * @return the built client context, using the provider returned by {@code findSslProvider()}
 * @throws IllegalStateException if no {@code SslConfig} is registered or the final build fails
 * @throws IllegalArgumentException if obtaining or parsing the key material fails
 */
public static SslContext buildClientSslContext(URL url) {
    SslConfig sslConfig = ApplicationModel.getConfigManager()
            .getSsl()
            .orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));

    SslContextBuilder clientContextBuilder = SslContextBuilder.forClient();
    InputStream trustCertStream = null;
    InputStream certChainStream = null;
    InputStream privateKeyStream = null;
    try {
        trustCertStream = sslConfig.getClientTrustCertCollectionPathStream();
        if (trustCertStream != null) {
            clientContextBuilder.trustManager(trustCertStream);
        }

        certChainStream = sslConfig.getClientKeyCertChainPathStream();
        privateKeyStream = sslConfig.getClientPrivateKeyPathStream();
        // If only one of the two is configured, the client identity is skipped without an error.
        boolean hasClientIdentity = certChainStream != null && privateKeyStream != null;
        if (hasClientIdentity) {
            String keyPassword = sslConfig.getClientKeyPassword();
            if (keyPassword == null) {
                clientContextBuilder.keyManager(certChainStream, privateKeyStream);
            } else {
                clientContextBuilder.keyManager(certChainStream, privateKeyStream, keyPassword);
            }
        }

        // Explicit hardening knobs: applied only when present in the configuration.
        if (sslConfig.getCiphers() != null) {
            clientContextBuilder.ciphers(sslConfig.getCiphers());
        }
        if (sslConfig.getProtocols() != null) {
            clientContextBuilder.protocols(sslConfig.getProtocols());
        }
        // NOTE(review): no endpoint-identification (hostname verification) setting is applied in
        // this method — confirm it is enforced where the SSLEngine is created from this context.
    } catch (Exception e) {
        // Any failure while loading key material is reported as a configuration problem.
        throw new IllegalArgumentException("Could not find certificate file or find invalid certificate.", e);
    } finally {
        // The streams are closed on every path, including failures.
        safeCloseStream(trustCertStream);
        safeCloseStream(certChainStream);
        safeCloseStream(privateKeyStream);
    }

    try {
        return clientContextBuilder.sslProvider(findSslProvider()).build();
    } catch (SSLException e) {
        throw new IllegalStateException("Build SslSession failed.", e);
    }
}
Also used : SslConfig(org.apache.dubbo.config.SslConfig) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) InputStream(java.io.InputStream) SSLException(javax.net.ssl.SSLException) ConfigManager(org.apache.dubbo.config.context.ConfigManager) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException)

Example 4 with SslConfig

use of org.apache.dubbo.config.SslConfig in project dubbo by alibaba.

the class SslContextsTest method testSslContextsItem.

/**
 * Checks that the cipher suite and protocol set on {@link SslConfig} are the only ones carried
 * by the client {@link SslContext} built from it.
 *
 * <p>The protocol list is read reflectively from a field named {@code protocols}, declared on
 * {@code JdkSslContext} or {@code ReferenceCountedOpenSslContext}, so the check depends on that
 * field name. When the built context is neither a {@code JdkSslContext} nor an
 * {@code OpenSslContext}, nothing is asserted and the method returns normally.
 *
 * @throws NoSuchFieldException if the {@code protocols} field is not declared on the context class
 * @throws IllegalAccessException if the reflective read is denied
 */
protected void testSslContextsItem() throws NoSuchFieldException, IllegalAccessException {
    final String expectedCipher = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
    final String expectedProtocol = "TLSv1.3";

    // The configuration is registered on the shared ConfigManager; this method does not reset it.
    ConfigManager configManager = ApplicationModel.getConfigManager();
    SslConfig sslConfig = new SslConfig();
    sslConfig.setCiphers(Arrays.asList(expectedCipher));
    sslConfig.setProtocols(Arrays.asList(expectedProtocol));
    configManager.setSsl(sslConfig);

    SslContext sslContext = SslContexts.buildClientSslContext(null);

    // Pick the class that declares the private "protocols" field for this provider.
    Class<?> protocolsOwner;
    if (sslContext instanceof JdkSslContext) {
        protocolsOwner = JdkSslContext.class;
    } else if (sslContext instanceof OpenSslContext) {
        Assertions.assertTrue(sslContext instanceof ReferenceCountedOpenSslContext);
        protocolsOwner = ReferenceCountedOpenSslContext.class;
    } else {
        // Unknown provider: the original test asserts nothing in this case.
        return;
    }

    List<String> cipherSuites = sslContext.cipherSuites();
    Assertions.assertTrue(cipherSuites.size() == 1 && cipherSuites.get(0).equals(expectedCipher));

    Field protocolsField = protocolsOwner.getDeclaredField("protocols");
    protocolsField.setAccessible(true);
    String[] enabledProtocols = (String[]) protocolsField.get(sslContext);
    Assertions.assertTrue(enabledProtocols.length == 1 && enabledProtocols[0].equals(expectedProtocol));
}
Also used : Field(java.lang.reflect.Field) SslConfig(org.apache.dubbo.config.SslConfig) ReferenceCountedOpenSslContext(io.netty.handler.ssl.ReferenceCountedOpenSslContext) JdkSslContext(io.netty.handler.ssl.JdkSslContext) OpenSslContext(io.netty.handler.ssl.OpenSslContext) ReferenceCountedOpenSslContext(io.netty.handler.ssl.ReferenceCountedOpenSslContext) List(java.util.List) ConfigManager(org.apache.dubbo.config.context.ConfigManager) JdkSslContext(io.netty.handler.ssl.JdkSslContext) SslContext(io.netty.handler.ssl.SslContext) OpenSslContext(io.netty.handler.ssl.OpenSslContext) ReferenceCountedOpenSslContext(io.netty.handler.ssl.ReferenceCountedOpenSslContext)

Example 5 with SslConfig

use of org.apache.dubbo.config.SslConfig in project dubbo by alibaba.

the class GrpcOptionsUtils method buildClientSslContext.

/**
 * Builds the client-side {@link SslContext} for the gRPC transport from the globally
 * registered {@link SslConfig}.
 *
 * <p>A trust manager is installed only when a client trust collection stream is configured;
 * otherwise the trust source of the builder returned by {@code GrpcSslContexts.forClient()} is
 * used. A client certificate is presented only when both the certificate chain and the private
 * key streams are available.
 *
 * <p>{@code sslConfig.getCiphers()} and {@code sslConfig.getProtocols()} are not consulted in
 * this method, so the cipher and protocol selection is whatever {@code GrpcSslContexts} and the
 * builder provide.
 *
 * @param url not read by this method
 * @return the built client context
 * @throws IllegalStateException if no {@code SslConfig} is registered or the final build fails
 * @throws IllegalArgumentException if obtaining or parsing the key material fails
 */
private static SslContext buildClientSslContext(URL url) {
    SslConfig sslConfig = ApplicationModel.getConfigManager()
            .getSsl()
            .orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));

    SslContextBuilder clientContextBuilder = GrpcSslContexts.forClient();
    InputStream trustCertStream = null;
    InputStream certChainStream = null;
    InputStream privateKeyStream = null;
    try {
        trustCertStream = sslConfig.getClientTrustCertCollectionPathStream();
        if (trustCertStream != null) {
            clientContextBuilder.trustManager(trustCertStream);
        }

        certChainStream = sslConfig.getClientKeyCertChainPathStream();
        privateKeyStream = sslConfig.getClientPrivateKeyPathStream();
        // If only one of the two is configured, the client identity is skipped without an error.
        boolean hasClientIdentity = certChainStream != null && privateKeyStream != null;
        if (hasClientIdentity) {
            String keyPassword = sslConfig.getClientKeyPassword();
            if (keyPassword == null) {
                clientContextBuilder.keyManager(certChainStream, privateKeyStream);
            } else {
                clientContextBuilder.keyManager(certChainStream, privateKeyStream, keyPassword);
            }
        }
        // NOTE(review): no endpoint-identification (hostname verification) setting is applied in
        // this method — confirm it is enforced by the layer that creates the SSLEngine.
    } catch (Exception e) {
        // Any failure while loading key material is reported as a configuration problem.
        throw new IllegalArgumentException("Could not find certificate file or find invalid certificate.", e);
    } finally {
        // The streams are closed on every path, including failures.
        safeCloseStream(trustCertStream);
        safeCloseStream(certChainStream);
        safeCloseStream(privateKeyStream);
    }

    try {
        return clientContextBuilder.build();
    } catch (SSLException e) {
        throw new IllegalStateException("Build SslSession failed.", e);
    }
}
Also used : SslConfig(org.apache.dubbo.config.SslConfig) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) InputStream(java.io.InputStream) SSLException(javax.net.ssl.SSLException) ConfigManager(org.apache.dubbo.config.context.ConfigManager) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException)

Aggregations

SslConfig (org.apache.dubbo.config.SslConfig)6 ConfigManager (org.apache.dubbo.config.context.ConfigManager)5 SslContextBuilder (io.netty.handler.ssl.SslContextBuilder)4 IOException (java.io.IOException)4 InputStream (java.io.InputStream)4 SSLException (javax.net.ssl.SSLException)4 JdkSslContext (io.netty.handler.ssl.JdkSslContext)1 OpenSslContext (io.netty.handler.ssl.OpenSslContext)1 ReferenceCountedOpenSslContext (io.netty.handler.ssl.ReferenceCountedOpenSslContext)1 SslContext (io.netty.handler.ssl.SslContext)1 Field (java.lang.reflect.Field)1 List (java.util.List)1