Example 1 with TlsConfiguration
use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.
the class JsonRpcHttpServiceTlsClientAuthTest method getRpcHttpTlsConfiguration.
private Optional<TlsConfiguration> getRpcHttpTlsConfiguration() {
final Path knownClientsFile = createTempFile();
writeToKnownClientsFile(okHttpClientCertificate.getCommonName(), okHttpClientCertificate.getCertificateHexFingerprint(), knownClientsFile);
final TlsConfiguration tlsConfiguration = aTlsConfiguration().withKeyStorePath(besuCertificate.getKeyStoreFile()).withKeyStorePasswordSupplier(fileBasedPasswordProvider).withClientAuthConfiguration(aTlsClientAuthConfiguration().withKnownClientsFile(knownClientsFile).withCaClientsEnabled(true).build()).build();
return Optional.of(tlsConfiguration);
}
Also used :
Path(java.nio.file.Path)
TlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration)
Builder.aTlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration.Builder.aTlsConfiguration)
Example 2 with TlsConfiguration
use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.
the class JsonRpcHttpService method applyTlsConfig.
private void applyTlsConfig(final HttpServerOptions httpServerOptions) {
if (config.getTlsConfiguration().isEmpty()) {
return;
}
final TlsConfiguration tlsConfiguration = config.getTlsConfiguration().get();
try {
httpServerOptions.setSsl(true).setPfxKeyCertOptions(new PfxOptions().setPath(tlsConfiguration.getKeyStorePath().toString()).setPassword(tlsConfiguration.getKeyStorePassword())).setUseAlpn(true);
tlsConfiguration.getSecureTransportProtocols().ifPresent(httpServerOptions::setEnabledSecureTransportProtocols);
tlsConfiguration.getCipherSuites().ifPresent(cipherSuites -> {
for (String cs : cipherSuites) {
httpServerOptions.addEnabledCipherSuite(cs);
}
});
tlsConfiguration.getClientAuthConfiguration().ifPresent(clientAuthConfiguration -> applyTlsClientAuth(clientAuthConfiguration, httpServerOptions));
} catch (final RuntimeException re) {
throw new JsonRpcServiceException(String.format("TLS options failed to initialize for Ethereum JSON-RPC listener: %s", re.getMessage()));
}
}
Also used :
TlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration)
PfxOptions(io.vertx.core.net.PfxOptions)
Example 3 with TlsConfiguration
use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.
the class JsonRpcService method applyTlsConfig.
private void applyTlsConfig(final HttpServerOptions httpServerOptions) {
final Optional<TlsConfiguration> maybeTlsConfig = config.getTlsConfiguration();
if (maybeTlsConfig.isPresent()) {
final TlsConfiguration tlsConfiguration = maybeTlsConfig.get();
try {
httpServerOptions.setSsl(true).setPfxKeyCertOptions(new PfxOptions().setPath(tlsConfiguration.getKeyStorePath().toString()).setPassword(tlsConfiguration.getKeyStorePassword())).setUseAlpn(true);
tlsConfiguration.getSecureTransportProtocols().ifPresent(httpServerOptions::setEnabledSecureTransportProtocols);
tlsConfiguration.getCipherSuites().ifPresent(cipherSuites -> {
for (String cs : cipherSuites) {
httpServerOptions.addEnabledCipherSuite(cs);
}
});
tlsConfiguration.getClientAuthConfiguration().ifPresent(clientAuthConfiguration -> applyTlsClientAuth(clientAuthConfiguration, httpServerOptions));
} catch (final RuntimeException re) {
throw new JsonRpcServiceException(String.format("TLS options failed to initialize for Ethereum JSON-RPC listener: %s", re.getMessage()));
}
}
}
Also used :
TlsConfiguration(org.hyperledger.besu.ethereum.api.tls.TlsConfiguration)
PfxOptions(io.vertx.core.net.PfxOptions)
Aggregations
TlsConfiguration (org.hyperledger.besu.ethereum.api.tls.TlsConfiguration)3
PfxOptions (io.vertx.core.net.PfxOptions)2
Path (java.nio.file.Path)1
Builder.aTlsConfiguration (org.hyperledger.besu.ethereum.api.tls.TlsConfiguration.Builder.aTlsConfiguration)1
