Search in sources :

Example 1 with TlsConfiguration

use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.

the class JsonRpcHttpServiceTlsClientAuthTest method getRpcHttpTlsConfiguration.

private Optional<TlsConfiguration> getRpcHttpTlsConfiguration() {
    final Path knownClientsFile = createTempFile();
    writeToKnownClientsFile(okHttpClientCertificate.getCommonName(), okHttpClientCertificate.getCertificateHexFingerprint(), knownClientsFile);
    final TlsConfiguration tlsConfiguration = aTlsConfiguration().withKeyStorePath(besuCertificate.getKeyStoreFile()).withKeyStorePasswordSupplier(fileBasedPasswordProvider).withClientAuthConfiguration(aTlsClientAuthConfiguration().withKnownClientsFile(knownClientsFile).withCaClientsEnabled(true).build()).build();
    return Optional.of(tlsConfiguration);
}
Also used : Path(java.nio.file.Path) TlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration) Builder.aTlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration.Builder.aTlsConfiguration)

Example 2 with TlsConfiguration

use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.

the class JsonRpcHttpService method applyTlsConfig.

private void applyTlsConfig(final HttpServerOptions httpServerOptions) {
    if (config.getTlsConfiguration().isEmpty()) {
        return;
    }
    final TlsConfiguration tlsConfiguration = config.getTlsConfiguration().get();
    try {
        httpServerOptions.setSsl(true).setPfxKeyCertOptions(new PfxOptions().setPath(tlsConfiguration.getKeyStorePath().toString()).setPassword(tlsConfiguration.getKeyStorePassword())).setUseAlpn(true);
        tlsConfiguration.getSecureTransportProtocols().ifPresent(httpServerOptions::setEnabledSecureTransportProtocols);
        tlsConfiguration.getCipherSuites().ifPresent(cipherSuites -> {
            for (String cs : cipherSuites) {
                httpServerOptions.addEnabledCipherSuite(cs);
            }
        });
        tlsConfiguration.getClientAuthConfiguration().ifPresent(clientAuthConfiguration -> applyTlsClientAuth(clientAuthConfiguration, httpServerOptions));
    } catch (final RuntimeException re) {
        throw new JsonRpcServiceException(String.format("TLS options failed to initialize for Ethereum JSON-RPC listener: %s", re.getMessage()));
    }
}
Also used : TlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration) PfxOptions(io.vertx.core.net.PfxOptions)

Example 3 with TlsConfiguration

use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.

the class JsonRpcService method applyTlsConfig.

private void applyTlsConfig(final HttpServerOptions httpServerOptions) {
    final Optional<TlsConfiguration> maybeTlsConfig = config.getTlsConfiguration();
    if (maybeTlsConfig.isPresent()) {
        final TlsConfiguration tlsConfiguration = maybeTlsConfig.get();
        try {
            httpServerOptions.setSsl(true).setPfxKeyCertOptions(new PfxOptions().setPath(tlsConfiguration.getKeyStorePath().toString()).setPassword(tlsConfiguration.getKeyStorePassword())).setUseAlpn(true);
            tlsConfiguration.getSecureTransportProtocols().ifPresent(httpServerOptions::setEnabledSecureTransportProtocols);
            tlsConfiguration.getCipherSuites().ifPresent(cipherSuites -> {
                for (String cs : cipherSuites) {
                    httpServerOptions.addEnabledCipherSuite(cs);
                }
            });
            tlsConfiguration.getClientAuthConfiguration().ifPresent(clientAuthConfiguration -> applyTlsClientAuth(clientAuthConfiguration, httpServerOptions));
        } catch (final RuntimeException re) {
            throw new JsonRpcServiceException(String.format("TLS options failed to initialize for Ethereum JSON-RPC listener: %s", re.getMessage()));
        }
    }
}
Also used : TlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration) PfxOptions(io.vertx.core.net.PfxOptions)

Aggregations

TlsConfiguration (org.hyperledger.besu.ethereum.api.tls.TlsConfiguration)3 PfxOptions (io.vertx.core.net.PfxOptions)2 Path (java.nio.file.Path)1 Builder.aTlsConfiguration (org.hyperledger.besu.ethereum.api.tls.TlsConfiguration.Builder.aTlsConfiguration)1