
Example 66 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project zeppelin by apache.

the class ZeppelinhubClient method createNewWebsocketClient.

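/**
 * Creates the Jetty {@code WebSocketClient} used for outbound connections.
 *
 * <p>The client is backed by its own {@code SslContextFactory}. Its text buffer and maximum
 * text message size are both capped at {@code Client.getMaxNoteSize()}, and its idle timeout
 * is {@code CONNECTION_IDLE_TIME}.
 *
 * @return a configured client that has not been started
 */
private WebSocketClient createNewWebsocketClient() {
    SslContextFactory sslContextFactory = new SslContextFactory();
    // Whether a default-constructed SslContextFactory checks the server certificate against
    // the host name depends on the Jetty version, so request it explicitly. Without it, any
    // certificate that chains to a trusted CA would be accepted for any host.
    sslContextFactory.setEndpointIdentificationAlgorithm("HTTPS");
    WebSocketClient client = new WebSocketClient(sslContextFactory);
    // Keep the receive buffer and the policy limit in step so one bound applies to both.
    client.setMaxTextMessageBufferSize(Client.getMaxNoteSize());
    client.getPolicy().setMaxTextMessageSize(Client.getMaxNoteSize());
    client.setMaxIdleTimeout(CONNECTION_IDLE_TIME);
    return client;
}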
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) WebSocketClient(org.eclipse.jetty.websocket.client.WebSocketClient)

Example 67 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project zeppelin by apache.

the class ZeppelinServer method getSslContextFactory.

/**
 * Builds the server-side {@code SslContextFactory} from the Zeppelin configuration.
 *
 * <p>The keystore (path, type, store password, key manager password) is always applied.
 * The truststore is applied only when client authentication is enabled, in which case
 * client certificates are also required.
 *
 * @param conf configuration supplying the keystore, truststore and client-auth settings
 * @return the populated factory
 */
private static SslContextFactory getSslContextFactory(ZeppelinConfiguration conf) {
    final SslContextFactory factory = new SslContextFactory();

    // Server identity: key material presented to connecting clients.
    factory.setKeyStorePath(conf.getKeyStorePath());
    factory.setKeyStoreType(conf.getKeyStoreType());
    factory.setKeyStorePassword(conf.getKeyStorePassword());
    factory.setKeyManagerPassword(conf.getKeyManagerPassword());

    if (!conf.useClientAuth()) {
        // No mutual TLS requested: the truststore settings are left untouched.
        return factory;
    }

    // Mutual TLS: require a client certificate and configure the truststore used to check it.
    factory.setNeedClientAuth(conf.useClientAuth());
    factory.setTrustStorePath(conf.getTrustStorePath());
    factory.setTrustStoreType(conf.getTrustStoreType());
    factory.setTrustStorePassword(conf.getTrustStorePassword());
    return factory;
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)

Example 68 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project hive by apache.

the class HttpServer method createChannelConnector.

/**
 * Builds the Jetty connector that serves "http/https" requests.
 *
 * <p>Without SSL a plain {@code SelectChannelConnector} is returned. With SSL the connector is
 * backed by an {@code SslContextFactory} that carries the builder's keystore path and password
 * and excludes every protocol listed in the comma-separated
 * {@code HIVE_SSL_PROTOCOL_BLACKLIST} setting.
 *
 * @param queueSize accept queue size applied to the connector
 * @param b builder supplying the SSL flag, keystore settings and configuration
 * @return the configured connector
 */
Connector createChannelConnector(int queueSize, Builder b) {
    final SelectChannelConnector channelConnector;
    if (b.useSSL) {
        final SslContextFactory tlsFactory = new SslContextFactory();
        tlsFactory.setKeyStorePath(b.keyStorePath);

        // An unset blacklist becomes "", and blank or padded entries are dropped, so a
        // missing setting excludes nothing beyond what the factory already excludes.
        final String blacklistSetting =
            Strings.nullToEmpty(b.conf.getVar(ConfVars.HIVE_SSL_PROTOCOL_BLACKLIST));
        final Set<String> blockedProtocols = Sets.newHashSet(
            Splitter.on(",").trimResults().omitEmptyStrings().split(blacklistSetting));
        tlsFactory.addExcludeProtocols(
            blockedProtocols.toArray(new String[blockedProtocols.size()]));

        // NOTE(review): only protocols are restricted here; no cipher-suite, keystore-type or
        // truststore call is made in this method, so those stay at the factory's defaults.
        tlsFactory.setKeyStorePassword(b.keyStorePassword);
        channelConnector = new SslSelectChannelConnector(tlsFactory);
    } else {
        channelConnector = new SelectChannelConnector();
    }

    // Settings shared by the plain and the SSL connector.
    channelConnector.setLowResourcesMaxIdleTime(10000);
    channelConnector.setAcceptQueueSize(queueSize);
    channelConnector.setResolveNames(false);
    channelConnector.setUseDirectBuffers(false);
    channelConnector.setRequestHeaderSize(1024 * 64);
    channelConnector.setReuseAddress(true);
    return channelConnector;
}
Also used : SelectChannelConnector(org.eclipse.jetty.server.nio.SelectChannelConnector) SslSelectChannelConnector(org.eclipse.jetty.server.ssl.SslSelectChannelConnector) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SslSelectChannelConnector(org.eclipse.jetty.server.ssl.SslSelectChannelConnector)

Example 69 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project dropwizard by dropwizard.

the class Http2ConnectorFactory method build.

/**
 * Builds a TLS connector that negotiates HTTP/2 through ALPN and falls back to HTTP/1.1.
 *
 * <p>The supported protocol and cipher-suite lists are overwritten before the
 * {@code SslContextFactory} is configured. The factory is registered on the server together
 * with an {@code SslReload} bean.
 *
 * @param server the server the connector and SSL beans are attached to
 * @param metrics registry providing the connection timer
 * @param name connector name
 * @param threadPool thread pool handed to the connector
 * @return the assembled connector
 */
@Override
public Connector build(Server server, MetricRegistry metrics, String name, ThreadPool threadPool) {
    // HTTP/2 requires that a server MUST support TLSv1.2 and the
    // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite.
    // See http://http2.github.io/http2-spec/index.html#rfc.section.9.2.2
    // NOTE(review): the two setters below appear to replace the lists with exactly one entry
    // each, which would make this the only protocol and suite offered, not a minimum - confirm.
    setSupportedProtocols(ImmutableList.of("TLSv1.2"));
    setSupportedCipherSuites(ImmutableList.of("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"));

    // Protocol handlers: HTTP/1.1 and HTTP/2 share one HttpConfiguration.
    final HttpConfiguration sharedHttpConfig = buildHttpConfiguration();
    final HttpConnectionFactory http11Factory = buildHttpConnectionFactory(sharedHttpConfig);
    final HTTP2ServerConnectionFactory h2Factory = new HTTP2ServerConnectionFactory(sharedHttpConfig);
    h2Factory.setMaxConcurrentStreams(maxConcurrentStreams);
    h2Factory.setInitialStreamRecvWindow(initialStreamRecvWindow);

    // Clients that do not complete ALPN negotiation are served HTTP/1.1 over TLS.
    final NegotiatingServerConnectionFactory alpnFactory = new ALPNServerConnectionFactory(H2, H2_17);
    alpnFactory.setDefaultProtocol(HTTP_1_1);

    // TLS context: configured once here and handed to SslReload with the same configurer.
    final SslContextFactory tlsContextFactory = configureSslContextFactory(new SslContextFactory());
    tlsContextFactory.addLifeCycleListener(logSslInfoOnStart(tlsContextFactory));
    server.addBean(tlsContextFactory);
    server.addBean(new SslReload(tlsContextFactory, this::configureSslContextFactory));

    // TLS hands decrypted traffic to the "alpn" factory. Clients that negotiate h2 switch to
    // HTTP/2, and older clients without ALPN continue over HTTPS.
    final SslConnectionFactory tlsConnectionFactory = new SslConnectionFactory(tlsContextFactory, "alpn");
    return buildConnector(
        server,
        new ScheduledExecutorScheduler(),
        buildBufferPool(),
        name,
        threadPool,
        new Jetty93InstrumentedConnectionFactory(tlsConnectionFactory, metrics.timer(httpConnections())),
        alpnFactory,
        h2Factory,
        http11Factory);
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SslReload(io.dropwizard.jetty.SslReload) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) ALPNServerConnectionFactory(org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory) ScheduledExecutorScheduler(org.eclipse.jetty.util.thread.ScheduledExecutorScheduler) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) HTTP2ServerConnectionFactory(org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory) NegotiatingServerConnectionFactory(org.eclipse.jetty.server.NegotiatingServerConnectionFactory) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory) Jetty93InstrumentedConnectionFactory(io.dropwizard.jetty.Jetty93InstrumentedConnectionFactory)

Example 70 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project dropwizard by dropwizard.

the class HttpsConnectorFactoryTest method windowsKeyStoreUnavailableThrowsException.

/**
 * Checks that configuring the Windows keystore type fails with {@code IllegalStateException}
 * when that keystore cannot be accessed. The test is skipped where the keystore is accessible.
 */
@Test(expected = IllegalStateException.class)
public void windowsKeyStoreUnavailableThrowsException() throws Exception {
    // Only meaningful on hosts without access to the Windows keystore.
    assumeFalse(canAccessWindowsKeyStore());

    final HttpsConnectorFactory httpsFactory = new HttpsConnectorFactory();
    httpsFactory.setKeyStoreType(WINDOWS_MY_KEYSTORE_NAME);

    // The expected exception is raised here, while the keystore settings are applied.
    httpsFactory.configureSslContextFactory(new SslContextFactory());
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) Test(org.junit.Test)
