Example 1 with SslConfiguration
use of org.infinispan.server.core.configuration.SslConfiguration in project infinispan by infinispan.
the class HotRodSslFunctionalTest method connectClient.
@Override
protected HotRodClient connectClient(byte protocolVersion) {
SslConfiguration ssl = hotRodServer.getConfiguration().ssl();
SSLContext sslContext = new SslContextFactory().keyStoreFileName(ssl.keyStoreFileName()).keyStorePassword(ssl.keyStorePassword()).keyStoreType("pkcs12").trustStoreFileName(ssl.trustStoreFileName()).trustStorePassword(ssl.trustStorePassword()).trustStoreType("pkcs12").getContext();
SSLEngine sslEngine = SslContextFactory.getEngine(sslContext, true, false);
return new HotRodClient(hotRodServer.getHost(), hotRodServer.getPort(), cacheName, HotRodClient.DEFAULT_TIMEOUT_SECONDS, protocolVersion, sslEngine);
}
Also used :
SslContextFactory(org.infinispan.commons.util.SslContextFactory)
SslConfiguration(org.infinispan.server.core.configuration.SslConfiguration)
SSLEngine(javax.net.ssl.SSLEngine)
HotRodClient(org.infinispan.server.hotrod.test.HotRodClient)
SSLContext(javax.net.ssl.SSLContext)
Example 2 with SslConfiguration
use of org.infinispan.server.core.configuration.SslConfiguration in project infinispan by infinispan.
the class NettyChannelInitializer method initializeChannel.
@Override
public void initializeChannel(Channel ch) throws Exception {
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast("iprules", ipRulesHandler);
if (statsHandler != null) {
pipeline.addLast("stats", statsHandler);
}
SslConfiguration ssl = server.getConfiguration().ssl();
if (ssl.enabled()) {
ApplicationProtocolConfig alpnConfig = getAlpnConfiguration();
// add default domain mapping
JdkSslContext defaultNettySslContext = SslUtils.createNettySslContext(ssl, ssl.sniDomainsConfiguration().get(SslConfiguration.DEFAULT_SNI_DOMAIN), alpnConfig);
DomainNameMappingBuilder<JdkSslContext> domainMappingBuilder = new DomainNameMappingBuilder<>(defaultNettySslContext);
// and the rest
ssl.sniDomainsConfiguration().forEach((k, v) -> {
if (!SslConfiguration.DEFAULT_SNI_DOMAIN.equals(k)) {
domainMappingBuilder.add(k, SslUtils.createNettySslContext(ssl, v, alpnConfig));
}
});
pipeline.addLast("sni", new SniHandler(domainMappingBuilder.build()));
}
if (decoder != null) {
// We can not use `decoder` here. Each invocation creates a new instance of decoder and it seems
// it can not be shared between pipelines.
// See https://issues.jboss.org/browse/ISPN-7765 for more details.
pipeline.addLast("decoder", server.getDecoder());
}
if (encoder != null) {
pipeline.addLast("encoder", encoder);
}
}
Also used :
JdkSslContext(io.netty.handler.ssl.JdkSslContext)
SslConfiguration(org.infinispan.server.core.configuration.SslConfiguration)
SniHandler(io.netty.handler.ssl.SniHandler)
ChannelPipeline(io.netty.channel.ChannelPipeline)
DomainNameMappingBuilder(io.netty.util.DomainNameMappingBuilder)
ApplicationProtocolConfig(io.netty.handler.ssl.ApplicationProtocolConfig)
Aggregations
SslConfiguration (org.infinispan.server.core.configuration.SslConfiguration)2
ChannelPipeline (io.netty.channel.ChannelPipeline)1
ApplicationProtocolConfig (io.netty.handler.ssl.ApplicationProtocolConfig)1
JdkSslContext (io.netty.handler.ssl.JdkSslContext)1
SniHandler (io.netty.handler.ssl.SniHandler)1
DomainNameMappingBuilder (io.netty.util.DomainNameMappingBuilder)1
SSLContext (javax.net.ssl.SSLContext)1
SSLEngine (javax.net.ssl.SSLEngine)1
SslContextFactory (org.infinispan.commons.util.SslContextFactory)1
HotRodClient (org.infinispan.server.hotrod.test.HotRodClient)1
