use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.
the class JsonRpcHttpServiceTlsClientAuthTest method getRpcHttpTlsConfiguration.
/**
 * Builds the server-side TLS configuration used by this client-auth test.
 *
 * <p>A temporary known-clients file is created and populated with the OkHttp client
 * certificate's common name and hex fingerprint. The configuration then combines Besu's key
 * store, the file-based key store password supplier, and a client-auth section that points at
 * the known-clients file with CA clients enabled.
 *
 * @return the assembled configuration, always present
 */
private Optional<TlsConfiguration> getRpcHttpTlsConfiguration() {
  // Pin the test client by (common name, certificate fingerprint) in a throwaway file.
  final Path pinnedClients = createTempFile();
  writeToKnownClientsFile(
      okHttpClientCertificate.getCommonName(),
      okHttpClientCertificate.getCertificateHexFingerprint(),
      pinnedClients);

  // NOTE(review): withCaClientsEnabled(true) presumably means CA-signed clients are accepted
  // in addition to the pinned entries - confirm against TlsClientAuthConfiguration.
  return Optional.of(
      aTlsConfiguration()
          .withKeyStorePath(besuCertificate.getKeyStoreFile())
          .withKeyStorePasswordSupplier(fileBasedPasswordProvider)
          .withClientAuthConfiguration(
              aTlsClientAuthConfiguration()
                  .withKnownClientsFile(pinnedClients)
                  .withCaClientsEnabled(true)
                  .build())
          .build());
}
use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.
the class JsonRpcHttpService method applyTlsConfig.
/**
 * Applies the service's TLS settings to the HTTP server options of the JSON-RPC listener.
 *
 * <p>When the service configuration holds no {@link TlsConfiguration}, the options are left
 * untouched. Otherwise SSL is switched on with a PFX key store, ALPN is enabled, and the
 * optional protocol list, cipher suites and client-auth settings are applied only if they are
 * present in the configuration.
 *
 * @param httpServerOptions the server options to mutate in place
 * @throws JsonRpcServiceException if any step raises a {@link RuntimeException}
 */
private void applyTlsConfig(final HttpServerOptions httpServerOptions) {
  if (config.getTlsConfiguration().isPresent()) {
    final TlsConfiguration tlsSettings = config.getTlsConfiguration().get();
    try {
      httpServerOptions.setSsl(true);

      // Server identity: PFX key store path plus the password read from the configuration.
      final PfxOptions keyStoreOptions = new PfxOptions();
      keyStoreOptions.setPath(tlsSettings.getKeyStorePath().toString());
      keyStoreOptions.setPassword(tlsSettings.getKeyStorePassword());
      httpServerOptions.setPfxKeyCertOptions(keyStoreOptions);
      httpServerOptions.setUseAlpn(true);

      // Protocol versions and cipher suites are only restricted when explicitly configured;
      // when absent, this method does not touch the options' existing protocol/cipher settings.
      tlsSettings
          .getSecureTransportProtocols()
          .ifPresent(httpServerOptions::setEnabledSecureTransportProtocols);
      tlsSettings
          .getCipherSuites()
          .ifPresent(
              suites -> {
                for (String suite : suites) {
                  httpServerOptions.addEnabledCipherSuite(suite);
                }
              });

      // Client certificate authentication is opt-in: nothing is applied when it is absent.
      tlsSettings
          .getClientAuthConfiguration()
          .ifPresent(clientAuth -> applyTlsClientAuth(clientAuth, httpServerOptions));
    } catch (final RuntimeException re) {
      // NOTE(review): only re.getMessage() is carried over; the caught exception is not
      // attached as a cause, so its stack trace is not reachable from the rethrown one.
      final String failure =
          String.format(
              "TLS options failed to initialize for Ethereum JSON-RPC listener: %s",
              re.getMessage());
      throw new JsonRpcServiceException(failure);
    }
  }
}
use of org.hyperledger.besu.ethereum.api.tls.TlsConfiguration in project besu by hyperledger.
the class JsonRpcService method applyTlsConfig.
/**
 * Configures TLS on the JSON-RPC listener's HTTP server options from the service configuration.
 *
 * <p>Returns without changing anything when no {@link TlsConfiguration} is configured. When one
 * is, SSL is enabled with a PFX key store and ALPN; the enabled protocols, cipher suites and
 * client authentication are applied only for the parts that the configuration provides.
 *
 * @param httpServerOptions the server options to mutate in place
 * @throws JsonRpcServiceException if any step raises a {@link RuntimeException}
 */
private void applyTlsConfig(final HttpServerOptions httpServerOptions) {
  final Optional<TlsConfiguration> configuredTls = config.getTlsConfiguration();
  if (configuredTls.isEmpty()) {
    // No TLS section configured: leave the listener options exactly as they were passed in.
    return;
  }

  final TlsConfiguration tlsSettings = configuredTls.get();
  try {
    httpServerOptions.setSsl(true);

    // Server identity: PFX key store path plus the password read from the configuration.
    final PfxOptions keyStoreOptions = new PfxOptions();
    keyStoreOptions.setPath(tlsSettings.getKeyStorePath().toString());
    keyStoreOptions.setPassword(tlsSettings.getKeyStorePassword());
    httpServerOptions.setPfxKeyCertOptions(keyStoreOptions);
    httpServerOptions.setUseAlpn(true);

    // Protocol versions and cipher suites are only restricted when explicitly configured;
    // when absent, this method does not touch the options' existing protocol/cipher settings.
    tlsSettings
        .getSecureTransportProtocols()
        .ifPresent(httpServerOptions::setEnabledSecureTransportProtocols);
    tlsSettings
        .getCipherSuites()
        .ifPresent(
            suites -> {
              for (String suite : suites) {
                httpServerOptions.addEnabledCipherSuite(suite);
              }
            });

    // Client certificate authentication is opt-in: nothing is applied when it is absent.
    tlsSettings
        .getClientAuthConfiguration()
        .ifPresent(clientAuth -> applyTlsClientAuth(clientAuth, httpServerOptions));
  } catch (final RuntimeException re) {
    // NOTE(review): only re.getMessage() is carried over; the caught exception is not
    // attached as a cause, so its stack trace is not reachable from the rethrown one.
    final String failure =
        String.format(
            "TLS options failed to initialize for Ethereum JSON-RPC listener: %s",
            re.getMessage());
    throw new JsonRpcServiceException(failure);
  }
}