List of usage examples for io.netty.handler.ssl SslProvider JDK
SslProvider JDK
To view the source code for io.netty.handler.ssl SslProvider JDK.
Click Source Link
From source file:com.netty.fileTest.http.download.HttpStaticFileServer.java
License:Apache License
public static void main(String[] args) throws Exception { // Configure SSL. final SslContext sslCtx; if (SSL) {// ww w. ja v a 2s . c o m SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContext.newServerContext(SslProvider.JDK, ssc.certificate(), ssc.privateKey()); } else { sslCtx = null; } EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) .handler(new LoggingHandler(LogLevel.INFO)) .childHandler(new HttpStaticFileServerInitializer(sslCtx)); Channel ch = b.bind(PORT).sync().channel(); System.err.println("Open your web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/'); ch.closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:com.relayrides.pushy.apns.ApnsClientBuilder.java
License:Open Source License
/** * Constructs a new {@link ApnsClient} with the previously-set configuration. * * @return a new ApnsClient instance with the previously-set configuration * * @throws SSLException if an SSL context could not be created for the new client for any reason * * @since 0.8//from w w w . ja v a 2 s . co m */ public ApnsClient build() throws SSLException { final SslContext sslContext; { final SslProvider sslProvider; if (this.preferredSslProvider != null) { sslProvider = this.preferredSslProvider; } else { if (OpenSsl.isAvailable()) { if (OpenSsl.isAlpnSupported()) { log.info("Native SSL provider is available and supports ALPN; will use native provider."); sslProvider = SslProvider.OPENSSL; } else { log.info( "Native SSL provider is available, but does not support ALPN; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } } else { log.info("Native SSL provider not available; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } } final SslContextBuilder sslContextBuilder = SslContextBuilder.forClient().sslProvider(sslProvider) .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .applicationProtocolConfig( new ApplicationProtocolConfig(Protocol.ALPN, SelectorFailureBehavior.NO_ADVERTISE, SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2)); if (this.trustedServerCertificatePemFile != null) { sslContextBuilder.trustManager(this.trustedServerCertificatePemFile); } else if (this.trustedServerCertificateInputStream != null) { sslContextBuilder.trustManager(this.trustedServerCertificateInputStream); } else if (this.trustedServerCertificates != null) { sslContextBuilder.trustManager(this.trustedServerCertificates); } sslContext = sslContextBuilder.build(); } final ApnsClient apnsClient = new ApnsClient(sslContext, this.eventLoopGroup); apnsClient.setMetricsListener(this.metricsListener); apnsClient.setProxyHandlerFactory(this.proxyHandlerFactory); if (this.connectionTimeout != null) { apnsClient.setConnectionTimeout((int) this.connectionTimeoutUnit.toMillis(this.connectionTimeout)); } if (this.writeTimeout != null) { apnsClient.setWriteTimeout(this.writeTimeoutUnit.toMillis(this.writeTimeout)); } if (this.gracefulShutdownTimeout != null) { apnsClient.setGracefulShutdownTimeout( this.gracefulShutdownTimeoutUnit.toMillis(this.gracefulShutdownTimeout)); } return apnsClient; }
From source file:com.relayrides.pushy.apns.MockApnsServerBuilder.java
License:Open Source License
/** * Constructs a new {@link MockApnsServer} with the previously-set configuration. * * @return a new MockApnsServer instance with the previously-set configuration * * @throws SSLException if an SSL context could not be created for the new server for any reason * * @since 0.8/*from w ww . j a va 2s .c om*/ */ public MockApnsServer build() throws SSLException { final SslContext sslContext; { final SslProvider sslProvider; if (this.preferredSslProvider != null) { sslProvider = this.preferredSslProvider; } else { if (OpenSsl.isAvailable()) { if (OpenSsl.isAlpnSupported()) { log.info("Native SSL provider is available and supports ALPN; will use native provider."); sslProvider = SslProvider.OPENSSL; } else { log.info( "Native SSL provider is available, but does not support ALPN; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } } else { log.info("Native SSL provider not available; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } } final SslContextBuilder sslContextBuilder; if (this.certificateChain != null && this.privateKey != null) { sslContextBuilder = SslContextBuilder.forServer(this.privateKey, this.privateKeyPassword, this.certificateChain); } else if (this.certificateChainPemFile != null && this.privateKeyPkcs8File != null) { sslContextBuilder = SslContextBuilder.forServer(this.certificateChainPemFile, this.privateKeyPkcs8File, this.privateKeyPassword); } else if (this.certificateChainInputStream != null && this.privateKeyPkcs8InputStream != null) { sslContextBuilder = SslContextBuilder.forServer(this.certificateChainInputStream, this.privateKeyPkcs8InputStream, this.privateKeyPassword); } else { throw new IllegalStateException("Must specify server credentials before building a mock server."); } sslContextBuilder.sslProvider(sslProvider) .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .clientAuth(ClientAuth.OPTIONAL).applicationProtocolConfig( new ApplicationProtocolConfig(Protocol.ALPN, SelectorFailureBehavior.NO_ADVERTISE, SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2)); sslContext = sslContextBuilder.build(); } final MockApnsServer server = new MockApnsServer(sslContext, this.eventLoopGroup); server.setEmulateInternalErrors(this.emulateInternalErrors); return server; }
From source file:com.sangupta.swift.netty.spdy.SpdyStaticFileServer.java
License:Apache License
public SpdyStaticFileServer(SwiftServer server) { if (server.isSpdyEnabled() && !server.isSslEnabled()) { throw new IllegalStateException("SPDY can only be enabled along with SSL"); }/*www .j a va2 s.c o m*/ if (server.isSslEnabled()) { if (server.isSelfSignedSSL()) { SelfSignedCertificate ssc; if (server.isSpdyEnabled()) { try { ssc = new SelfSignedCertificate(); this.sslContext = SslContext.newServerContext(ssc.certificate(), ssc.privateKey(), null, null, Arrays.asList(SelectedProtocol.SPDY_3_1.protocolName(), SelectedProtocol.HTTP_1_1.protocolName()), 0, 0); } catch (CertificateException e) { throw new RuntimeException("Unable to initialize self-signed SSL certificate"); } catch (SSLException e) { throw new RuntimeException("Unable to initialize self-signed SSL certificate"); } } else { // basic self signed cert try { ssc = new SelfSignedCertificate(); this.sslContext = SslContext.newServerContext(SslProvider.JDK, ssc.certificate(), ssc.privateKey()); } catch (CertificateException e) { e.printStackTrace(); throw new RuntimeException("Unable to initialize self-signed SSL certificate"); } catch (SSLException e) { e.printStackTrace(); throw new RuntimeException("Unable to initialize self-signed SSL certificate"); } } } } else { this.sslContext = null; } this.bossGroup = new NioEventLoopGroup(1); this.workerGroup = new NioEventLoopGroup(); try { this.serverBootstrap = new ServerBootstrap(); if (server.isSpdyEnabled()) { this.serverBootstrap.option(ChannelOption.SO_BACKLOG, 1024); } SpdyStaticFileServerHandler fileServerHandler = new SpdyStaticFileServerHandler(server); this.serverBootstrap.group(this.bossGroup, this.workerGroup).channel(NioServerSocketChannel.class) .childHandler(new SpdyStaticFileServerInitializer(this.sslContext, fileServerHandler)); if (AssertUtils.isNotEmpty(server.getServerName())) { this.channel = this.serverBootstrap.bind(server.getServerName(), server.getListenPort()).sync() .channel(); } else { this.channel = this.serverBootstrap.bind(server.getListenPort()).sync().channel(); } System.out.println("Listening on port " + server.getListenPort()); this.channel.closeFuture().sync(); } catch (InterruptedException e) { // TODO: think what we can do with this } finally { this.shutdownGracefully(); } }
From source file:com.tongtech.tis.fsc.TisFscServer.java
License:Apache License
public static void main(String[] args) throws Exception { // Configure SSL. final SslContext sslCtx; if (SSL) {// www . ja va2 s .c o m SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(SslProvider.JDK) .build(); } else { sslCtx = null; } EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) .handler(new LoggingHandler(LogLevel.INFO)).childHandler(new TisFscServerInitializer(sslCtx)); Channel ch = b.bind(PORT).sync().channel(); System.err.println("Open your web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/'); ch.closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:com.topsec.bdc.platform.api.test.http.file.HttpStaticFileServer.java
License:Apache License
public static void main(String[] args) throws Exception { // Configure SSL. final SslContext sslCtx; if (SSL) {// w w w . ja v a2s. c om SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(SslProvider.JDK) .build(); } else { sslCtx = null; } EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) .handler(new LoggingHandler(LogLevel.INFO)) .childHandler(new HttpStaticFileServerInitializer(sslCtx)); Channel ch = b.bind(PORT).sync().channel(); System.err.println("Open your web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/'); ch.closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:com.turo.pushy.apns.ApnsClientBuilder.java
License:Open Source License
/** * Constructs a new {@link ApnsClient} with the previously-set configuration. * * @return a new ApnsClient instance with the previously-set configuration * * @throws SSLException if an SSL context could not be created for the new client for any reason * @throws IllegalStateException if this method is called without specifying an APNs server address, if this method * is called without providing TLS credentials or a signing key, or if this method is called with both TLS * credentials and a signing key/* www . j a v a 2 s . c om*/ * * @since 0.8 */ public ApnsClient build() throws SSLException { if (this.apnsServerAddress == null) { throw new IllegalStateException("No APNs server address specified."); } if (this.clientCertificate == null && this.privateKey == null && this.signingKey == null) { throw new IllegalStateException("No client credentials specified; either TLS credentials (a " + "certificate/private key) or an APNs signing key must be provided before building a client."); } else if ((this.clientCertificate != null || this.privateKey != null) && this.signingKey != null) { throw new IllegalStateException("Clients may not have both a signing key and TLS credentials."); } final SslContext sslContext; { final SslProvider sslProvider; if (OpenSsl.isAvailable()) { log.info("Native SSL provider is available; will use native provider."); sslProvider = SslProvider.OPENSSL_REFCNT; } else { log.info("Native SSL provider not available; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } final SslContextBuilder sslContextBuilder = SslContextBuilder.forClient().sslProvider(sslProvider) .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE); if (this.clientCertificate != null && this.privateKey != null) { sslContextBuilder.keyManager(this.privateKey, this.privateKeyPassword, this.clientCertificate); } if (this.trustedServerCertificatePemFile != null) { sslContextBuilder.trustManager(this.trustedServerCertificatePemFile); } else if (this.trustedServerCertificateInputStream != null) { sslContextBuilder.trustManager(this.trustedServerCertificateInputStream); } else if (this.trustedServerCertificates != null) { sslContextBuilder.trustManager(this.trustedServerCertificates); } sslContext = sslContextBuilder.build(); } final ApnsClient client = new ApnsClient(this.apnsServerAddress, sslContext, this.signingKey, this.proxyHandlerFactory, this.connectionTimeoutMillis, this.idlePingIntervalMillis, this.gracefulShutdownTimeoutMillis, this.concurrentConnections, this.metricsListener, this.frameLogger, this.eventLoopGroup); if (sslContext instanceof ReferenceCounted) { ((ReferenceCounted) sslContext).release(); } return client; }
From source file:com.turo.pushy.apns.BenchmarkApnsServer.java
License:Open Source License
public BenchmarkApnsServer(final InputStream certificateChainInputStream, final InputStream privateKeyPkcs8InputStream, final NioEventLoopGroup eventLoopGroup) throws SSLException { final SslContext sslContext; {/* www .ja va2 s .c o m*/ final SslProvider sslProvider; if (OpenSsl.isAvailable()) { if (OpenSsl.isAlpnSupported()) { sslProvider = SslProvider.OPENSSL; } else { sslProvider = SslProvider.JDK; } } else { sslProvider = SslProvider.JDK; } sslContext = SslContextBuilder.forServer(certificateChainInputStream, privateKeyPkcs8InputStream, null) .sslProvider(sslProvider) .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .clientAuth(ClientAuth.OPTIONAL) .applicationProtocolConfig( new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2)) .build(); } this.bootstrap = new ServerBootstrap(); this.bootstrap.group(eventLoopGroup); this.bootstrap.channel(NioServerSocketChannel.class); this.bootstrap.childHandler(new ChannelInitializer<SocketChannel>() { @Override protected void initChannel(final SocketChannel channel) throws Exception { final SslHandler sslHandler = sslContext.newHandler(channel.alloc()); channel.pipeline().addLast(sslHandler); channel.pipeline() .addLast(new ApplicationProtocolNegotiationHandler(ApplicationProtocolNames.HTTP_1_1) { @Override protected void configurePipeline(final ChannelHandlerContext context, final String protocol) throws Exception { if (ApplicationProtocolNames.HTTP_2.equals(protocol)) { context.pipeline().addLast( new BenchmarkApnsServerHandler.BenchmarkApnsServerHandlerBuilder() .initialSettings(new Http2Settings() .maxConcurrentStreams(MAX_CONCURRENT_STREAMS)) .build()); BenchmarkApnsServer.this.allChannels.add(context.channel()); } else { throw new IllegalStateException("Unexpected protocol: " + protocol); } } }); } }); }
From source file:com.turo.pushy.apns.server.BaseHttp2ServerBuilder.java
License:Open Source License
/** * Constructs a new server with the previously-set configuration. * * @return a new server instance with the previously-set configuration * * @throws SSLException if an SSL context could not be created for the new server for any reason * * @since 0.8//from w ww .j a v a2 s . c o m */ public T build() throws SSLException { final SslContext sslContext; { final SslProvider sslProvider; if (OpenSsl.isAvailable()) { log.info("Native SSL provider is available; will use native provider."); sslProvider = SslProvider.OPENSSL; } else { log.info("Native SSL provider not available; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } final SslContextBuilder sslContextBuilder; if (this.certificateChain != null && this.privateKey != null) { sslContextBuilder = SslContextBuilder.forServer(this.privateKey, this.privateKeyPassword, this.certificateChain); } else if (this.certificateChainPemFile != null && this.privateKeyPkcs8File != null) { sslContextBuilder = SslContextBuilder.forServer(this.certificateChainPemFile, this.privateKeyPkcs8File, this.privateKeyPassword); } else if (this.certificateChainInputStream != null && this.privateKeyPkcs8InputStream != null) { sslContextBuilder = SslContextBuilder.forServer(this.certificateChainInputStream, this.privateKeyPkcs8InputStream, this.privateKeyPassword); } else { throw new IllegalStateException("Must specify server credentials before building a mock server."); } sslContextBuilder.sslProvider(sslProvider) .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .clientAuth(ClientAuth.OPTIONAL); if (this.trustedClientCertificatePemFile != null) { sslContextBuilder.trustManager(this.trustedClientCertificatePemFile); } else if (this.trustedClientCertificateInputStream != null) { sslContextBuilder.trustManager(this.trustedClientCertificateInputStream); } else if (this.trustedClientCertificates != null) { sslContextBuilder.trustManager(this.trustedClientCertificates); } if (this.useAlpn) { sslContextBuilder.applicationProtocolConfig( new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2)); } sslContext = sslContextBuilder.build(); } final T server = this.constructServer(sslContext); if (sslContext instanceof ReferenceCounted) { ((ReferenceCounted) sslContext).release(); } return server; }
From source file:com.turo.pushy.apns.SslUtil.java
License:Open Source License
/** * Selects an SSL provider based on the availability of of an ALPN-capable native provider. * * @return an ALPN-capable native SSL provider if available, or else the JDK SSL provider *//*from ww w.j a v a 2 s. c om*/ public static SslProvider getSslProvider() { final SslProvider sslProvider; if (OpenSsl.isAvailable()) { if (OpenSsl.isAlpnSupported()) { log.info("Native SSL provider is available and supports ALPN; will use native provider."); sslProvider = SslProvider.OPENSSL; } else { log.info("Native SSL provider is available, but does not support ALPN; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } } else { log.info("Native SSL provider not available; will use JDK SSL provider."); sslProvider = SslProvider.JDK; } return sslProvider; }