List of usage examples for io.vertx.core.http HttpServerOptions setAlpnVersions
public HttpServerOptions setAlpnVersions(List<HttpVersion> alpnVersions)
From source file:io.nitor.api.backend.tls.SetupHttpServerOptions.java
License:Apache License
public static HttpServerOptions createHttpServerOptions(JsonObject config) { JsonObject tls = config.getJsonObject("tls"); HttpServerOptions httpOptions = new HttpServerOptions() // basic TCP/HTTP options .setReuseAddress(true).setCompressionSupported(false) // otherwise it automatically compresses based on response headers even if pre-compressed with e.g. proxy .setUsePooledBuffers(true).setCompressionLevel(2) .setIdleTimeout(config.getInteger("idleTimeout", (int) MINUTES.toSeconds(10))); if (!config.getBoolean("http2", true)) { httpOptions.setAlpnVersions(asList(HTTP_1_1)); }//from w w w .j a v a2 s. c o m if (tls != null) { httpOptions.setSsl(true) // server side certificate .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath(tls.getString("serverKey")) .setCertPath(tls.getString("serverCert"))) // TLS tuning .addEnabledSecureTransportProtocol("TLSv1.2").addEnabledSecureTransportProtocol("TLSv1.3"); JsonObject clientAuth = config.getJsonObject("clientAuth"); if (httpOptions.isSsl() && clientAuth != null && clientAuth.getString("clientChain") != null) { // client side certificate httpOptions.setClientAuth(REQUEST) .setTrustOptions(new PemTrustOptions().addCertPath(clientAuth.getString("clientChain"))); } if (TRUE.equals(config.getBoolean("useNativeOpenSsl"))) { httpOptions.setUseAlpn(true).setSslEngineOptions(new OpenSSLEngineOptions()); cipherSuites.stream().map(SetupHttpServerOptions::javaCipherNameToOpenSSLName) .forEach(httpOptions::addEnabledCipherSuite); } else { httpOptions.setUseAlpn(DynamicAgent.enableJettyAlpn()) .setJdkSslEngineOptions(new JdkSSLEngineOptions()); cipherSuites.forEach(httpOptions::addEnabledCipherSuite); } } return httpOptions; }