Example usage for io.vertx.core.net JksOptions setPassword

List of usage examples for io.vertx.core.net JksOptions setPassword

  1. HOME
  2. Java
  3. io.vertx
  4. io.vertx.core.net.*
  5. JksOptions
  6. setPassword

Introduction

In this page you can find the example usage for io.vertx.core.net JksOptions setPassword.

Prototype

public JksOptions setPassword(String password)

Source Link

Document

Set the password for the key store

Usage

From source file:io.advantageous.qbit.vertx.http.server.HttpServerVertx.java

License:Apache License

@Override
public void startWithNotify(final Runnable runnable) {

    simpleHttpServer.start();//from  w ww. java2 s  .  c o  m

    if (debug) {
        vertx.setPeriodic(10_000,
                event -> logger.info("Exception Count {} Close Count {}", exceptionCount, closeCount));
    }

    final io.vertx.core.http.HttpServerOptions vertxOptions = new io.vertx.core.http.HttpServerOptions();

    vertxOptions.setTcpNoDelay(options.isTcpNoDelay());
    vertxOptions.setSoLinger(options.getSoLinger());
    vertxOptions.setUsePooledBuffers(options.isUsePooledBuffers());
    vertxOptions.setReuseAddress(options.isReuseAddress());
    vertxOptions.setAcceptBacklog(options.getAcceptBackLog());
    vertxOptions.setTcpKeepAlive(options.isKeepAlive());
    vertxOptions.setCompressionSupported(options.isCompressionSupport());
    vertxOptions.setMaxWebsocketFrameSize(options.getMaxWebSocketFrameSize());
    vertxOptions.setSsl(options.isSsl());

    final JksOptions jksOptions = new JksOptions();
    jksOptions.setPath(options.getTrustStorePath());
    jksOptions.setPassword(options.getTrustStorePassword());

    vertxOptions.setTrustStoreOptions(jksOptions);
    httpServer = vertx.createHttpServer(vertxOptions);
    httpServer.websocketHandler(this::handleWebSocketMessage);
    httpServer.requestHandler(this::handleHttpRequest);

    if (Str.isEmpty(host)) {
        httpServer.listen(port, event -> {
            if (event.failed()) {
                logger.error("HTTP SERVER unable to start on port " + port + " default host ");
                simpleHttpServer.getErrorHandler().accept(event.cause());
            } else {

                if (runnable != null) {
                    runnable.run();
                }
                logger.info("HTTP SERVER started on port " + port + " default host ");
                simpleHttpServer.getOnStart().run();
            }
        });
    } else {
        httpServer.listen(port, host, event -> {
            if (event.failed()) {
                logger.error("HTTP SERVER UNABLE to START on port " + port + " host " + host);
                simpleHttpServer.getErrorHandler().accept(event.cause());
            } else {

                if (runnable != null)
                    runnable.run();
                logger.info("HTTP SERVER started on port " + port + " host " + host);
                simpleHttpServer.getOnStart().run();
            }
        });
    }

}

From source file:io.gravitee.gateway.http.connector.VertxHttpClient.java

License:Apache License

@Override
protected void doStart() throws Exception {
    httpClientOptions = new HttpClientOptions();

    httpClientOptions.setPipelining(endpoint.getHttpClientOptions().isPipelining());
    httpClientOptions.setKeepAlive(endpoint.getHttpClientOptions().isKeepAlive());
    httpClientOptions.setIdleTimeout((int) (endpoint.getHttpClientOptions().getIdleTimeout() / 1000));
    httpClientOptions.setConnectTimeout((int) endpoint.getHttpClientOptions().getConnectTimeout());
    httpClientOptions.setUsePooledBuffers(true);
    httpClientOptions.setMaxPoolSize(endpoint.getHttpClientOptions().getMaxConcurrentConnections());
    httpClientOptions.setTryUseCompression(endpoint.getHttpClientOptions().isUseCompression());
    httpClientOptions.setLogActivity(true);

    // Configure proxy
    HttpProxy proxy = endpoint.getHttpProxy();
    if (proxy != null && proxy.isEnabled()) {
        ProxyOptions proxyOptions = new ProxyOptions();
        proxyOptions.setHost(proxy.getHost());
        proxyOptions.setPort(proxy.getPort());
        proxyOptions.setUsername(proxy.getUsername());
        proxyOptions.setPassword(proxy.getPassword());
        proxyOptions.setType(ProxyType.valueOf(proxy.getType().name()));

        httpClientOptions.setProxyOptions(proxyOptions);
    }//  ww w .j a v  a 2s .co  m

    URI target = URI.create(endpoint.getTarget());
    HttpClientSslOptions sslOptions = endpoint.getHttpClientSslOptions();

    if (HTTPS_SCHEME.equalsIgnoreCase(target.getScheme())) {
        // Configure SSL
        httpClientOptions.setSsl(true);

        if (sslOptions != null) {
            httpClientOptions.setVerifyHost(sslOptions.isHostnameVerifier())
                    .setTrustAll(sslOptions.isTrustAll());

            // Client trust configuration
            if (!sslOptions.isTrustAll() && sslOptions.getTrustStore() != null) {
                switch (sslOptions.getTrustStore().getType()) {
                case PEM:
                    PEMTrustStore pemTrustStore = (PEMTrustStore) sslOptions.getTrustStore();
                    PemTrustOptions pemTrustOptions = new PemTrustOptions();
                    if (pemTrustStore.getPath() != null && !pemTrustStore.getPath().isEmpty()) {
                        pemTrustOptions.addCertPath(pemTrustStore.getPath());
                    } else if (pemTrustStore.getContent() != null && !pemTrustStore.getContent().isEmpty()) {
                        pemTrustOptions
                                .addCertValue(io.vertx.core.buffer.Buffer.buffer(pemTrustStore.getContent()));
                    } else {
                        throw new EndpointException(
                                "Missing PEM certificate value for endpoint " + endpoint.getName());
                    }
                    this.httpClientOptions.setPemTrustOptions(pemTrustOptions);
                    break;
                case PKCS12:
                    PKCS12TrustStore pkcs12TrustStore = (PKCS12TrustStore) sslOptions.getTrustStore();
                    PfxOptions pfxOptions = new PfxOptions();
                    pfxOptions.setPassword(pkcs12TrustStore.getPassword());
                    if (pkcs12TrustStore.getPath() != null && !pkcs12TrustStore.getPath().isEmpty()) {
                        pfxOptions.setPath(pkcs12TrustStore.getPath());
                    } else if (pkcs12TrustStore.getContent() != null
                            && !pkcs12TrustStore.getContent().isEmpty()) {
                        pfxOptions.setValue(io.vertx.core.buffer.Buffer.buffer(pkcs12TrustStore.getContent()));
                    } else {
                        throw new EndpointException("Missing PKCS12 value for endpoint " + endpoint.getName());
                    }
                    this.httpClientOptions.setPfxTrustOptions(pfxOptions);
                    break;
                case JKS:
                    JKSTrustStore jksTrustStore = (JKSTrustStore) sslOptions.getTrustStore();
                    JksOptions jksOptions = new JksOptions();
                    jksOptions.setPassword(jksTrustStore.getPassword());
                    if (jksTrustStore.getPath() != null && !jksTrustStore.getPath().isEmpty()) {
                        jksOptions.setPath(jksTrustStore.getPath());
                    } else if (jksTrustStore.getContent() != null && !jksTrustStore.getContent().isEmpty()) {
                        jksOptions.setValue(io.vertx.core.buffer.Buffer.buffer(jksTrustStore.getContent()));
                    } else {
                        throw new EndpointException("Missing JKS value for endpoint " + endpoint.getName());
                    }
                    this.httpClientOptions.setTrustStoreOptions(jksOptions);
                    break;
                }
            }

            // Client authentication configuration
            if (sslOptions.getKeyStore() != null) {
                switch (sslOptions.getKeyStore().getType()) {
                case PEM:
                    PEMKeyStore pemKeyStore = (PEMKeyStore) sslOptions.getKeyStore();
                    PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions();
                    if (pemKeyStore.getCertPath() != null && !pemKeyStore.getCertPath().isEmpty()) {
                        pemKeyCertOptions.setCertPath(pemKeyStore.getCertPath());
                    } else if (pemKeyStore.getCertContent() != null
                            && !pemKeyStore.getCertContent().isEmpty()) {
                        pemKeyCertOptions
                                .setCertValue(io.vertx.core.buffer.Buffer.buffer(pemKeyStore.getCertContent()));
                    }
                    if (pemKeyStore.getKeyPath() != null && !pemKeyStore.getKeyPath().isEmpty()) {
                        pemKeyCertOptions.setKeyPath(pemKeyStore.getKeyPath());
                    } else if (pemKeyStore.getKeyContent() != null && !pemKeyStore.getKeyContent().isEmpty()) {
                        pemKeyCertOptions
                                .setKeyValue(io.vertx.core.buffer.Buffer.buffer(pemKeyStore.getKeyContent()));
                    }
                    this.httpClientOptions.setPemKeyCertOptions(pemKeyCertOptions);
                    break;
                case PKCS12:
                    PKCS12KeyStore pkcs12KeyStore = (PKCS12KeyStore) sslOptions.getKeyStore();
                    PfxOptions pfxOptions = new PfxOptions();
                    pfxOptions.setPassword(pkcs12KeyStore.getPassword());
                    if (pkcs12KeyStore.getPath() != null && !pkcs12KeyStore.getPath().isEmpty()) {
                        pfxOptions.setPath(pkcs12KeyStore.getPath());
                    } else if (pkcs12KeyStore.getContent() != null && !pkcs12KeyStore.getContent().isEmpty()) {
                        pfxOptions.setValue(io.vertx.core.buffer.Buffer.buffer(pkcs12KeyStore.getContent()));
                    }
                    this.httpClientOptions.setPfxKeyCertOptions(pfxOptions);
                    break;
                case JKS:
                    JKSKeyStore jksKeyStore = (JKSKeyStore) sslOptions.getKeyStore();
                    JksOptions jksOptions = new JksOptions();
                    jksOptions.setPassword(jksKeyStore.getPassword());
                    if (jksKeyStore.getPath() != null && !jksKeyStore.getPath().isEmpty()) {
                        jksOptions.setPath(jksKeyStore.getPath());
                    } else if (jksKeyStore.getContent() != null && !jksKeyStore.getContent().isEmpty()) {
                        jksOptions.setValue(io.vertx.core.buffer.Buffer.buffer(jksKeyStore.getContent()));
                    }
                    this.httpClientOptions.setKeyStoreOptions(jksOptions);
                    break;
                }
            }
        }
    }

    printHttpClientConfiguration(httpClientOptions);
}

From source file:io.gravitee.gateway.services.healthcheck.http.HttpEndpointRuleHandler.java

License:Apache License

@Override
public void handle(Long timer) {
    HttpEndpoint endpoint = (HttpEndpoint) rule.endpoint();

    logger.debug("Running health-check for endpoint: {} [{}]", endpoint.getName(), endpoint.getTarget());

    // Run request for each step
    for (io.gravitee.definition.model.services.healthcheck.Step step : rule.steps()) {
        try {/*w ww. j a  v  a2  s .c  o m*/
            URI hcRequestUri = create(endpoint.getTarget(), step.getRequest());

            // Prepare HTTP client
            HttpClientOptions httpClientOptions = new HttpClientOptions().setMaxPoolSize(1).setKeepAlive(false)
                    .setTcpKeepAlive(false);

            if (endpoint.getHttpClientOptions() != null) {
                httpClientOptions
                        .setIdleTimeout((int) (endpoint.getHttpClientOptions().getIdleTimeout() / 1000))
                        .setConnectTimeout((int) endpoint.getHttpClientOptions().getConnectTimeout())
                        .setTryUseCompression(endpoint.getHttpClientOptions().isUseCompression());
            }

            // Configure HTTP proxy
            HttpProxy proxy = endpoint.getHttpProxy();
            if (proxy != null && proxy.isEnabled()) {
                ProxyOptions proxyOptions = new ProxyOptions().setHost(proxy.getHost()).setPort(proxy.getPort())
                        .setUsername(proxy.getUsername()).setPassword(proxy.getPassword())
                        .setType(ProxyType.valueOf(proxy.getType().name()));

                httpClientOptions.setProxyOptions(proxyOptions);
            }

            HttpClientSslOptions sslOptions = endpoint.getHttpClientSslOptions();

            if (HTTPS_SCHEME.equalsIgnoreCase(hcRequestUri.getScheme())) {
                // Configure SSL
                httpClientOptions.setSsl(true);

                if (sslOptions != null) {
                    httpClientOptions.setVerifyHost(sslOptions.isHostnameVerifier())
                            .setTrustAll(sslOptions.isTrustAll());

                    // Client trust configuration
                    if (!sslOptions.isTrustAll() && sslOptions.getTrustStore() != null) {
                        switch (sslOptions.getTrustStore().getType()) {
                        case PEM:
                            PEMTrustStore pemTrustStore = (PEMTrustStore) sslOptions.getTrustStore();
                            PemTrustOptions pemTrustOptions = new PemTrustOptions();
                            if (pemTrustStore.getPath() != null && !pemTrustStore.getPath().isEmpty()) {
                                pemTrustOptions.addCertPath(pemTrustStore.getPath());
                            } else if (pemTrustStore.getContent() != null
                                    && !pemTrustStore.getContent().isEmpty()) {
                                pemTrustOptions.addCertValue(
                                        io.vertx.core.buffer.Buffer.buffer(pemTrustStore.getContent()));
                            } else {
                                throw new EndpointException(
                                        "Missing PEM certificate value for endpoint " + endpoint.getName());
                            }
                            httpClientOptions.setPemTrustOptions(pemTrustOptions);
                            break;
                        case PKCS12:
                            PKCS12TrustStore pkcs12TrustStore = (PKCS12TrustStore) sslOptions.getTrustStore();
                            PfxOptions pfxOptions = new PfxOptions();
                            pfxOptions.setPassword(pkcs12TrustStore.getPassword());
                            if (pkcs12TrustStore.getPath() != null && !pkcs12TrustStore.getPath().isEmpty()) {
                                pfxOptions.setPath(pkcs12TrustStore.getPath());
                            } else if (pkcs12TrustStore.getContent() != null
                                    && !pkcs12TrustStore.getContent().isEmpty()) {
                                pfxOptions.setValue(
                                        io.vertx.core.buffer.Buffer.buffer(pkcs12TrustStore.getContent()));
                            } else {
                                throw new EndpointException(
                                        "Missing PKCS12 value for endpoint " + endpoint.getName());
                            }
                            httpClientOptions.setPfxTrustOptions(pfxOptions);
                            break;
                        case JKS:
                            JKSTrustStore jksTrustStore = (JKSTrustStore) sslOptions.getTrustStore();
                            JksOptions jksOptions = new JksOptions();
                            jksOptions.setPassword(jksTrustStore.getPassword());
                            if (jksTrustStore.getPath() != null && !jksTrustStore.getPath().isEmpty()) {
                                jksOptions.setPath(jksTrustStore.getPath());
                            } else if (jksTrustStore.getContent() != null
                                    && !jksTrustStore.getContent().isEmpty()) {
                                jksOptions.setValue(
                                        io.vertx.core.buffer.Buffer.buffer(jksTrustStore.getContent()));
                            } else {
                                throw new EndpointException(
                                        "Missing JKS value for endpoint " + endpoint.getName());
                            }
                            httpClientOptions.setTrustStoreOptions(jksOptions);
                            break;
                        }
                    }

                    // Client authentication configuration
                    if (sslOptions.getKeyStore() != null) {
                        switch (sslOptions.getKeyStore().getType()) {
                        case PEM:
                            PEMKeyStore pemKeyStore = (PEMKeyStore) sslOptions.getKeyStore();
                            PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions();
                            if (pemKeyStore.getCertPath() != null && !pemKeyStore.getCertPath().isEmpty()) {
                                pemKeyCertOptions.setCertPath(pemKeyStore.getCertPath());
                            } else if (pemKeyStore.getCertContent() != null
                                    && !pemKeyStore.getCertContent().isEmpty()) {
                                pemKeyCertOptions.setCertValue(
                                        io.vertx.core.buffer.Buffer.buffer(pemKeyStore.getCertContent()));
                            }
                            if (pemKeyStore.getKeyPath() != null && !pemKeyStore.getKeyPath().isEmpty()) {
                                pemKeyCertOptions.setKeyPath(pemKeyStore.getKeyPath());
                            } else if (pemKeyStore.getKeyContent() != null
                                    && !pemKeyStore.getKeyContent().isEmpty()) {
                                pemKeyCertOptions.setKeyValue(
                                        io.vertx.core.buffer.Buffer.buffer(pemKeyStore.getKeyContent()));
                            }
                            httpClientOptions.setPemKeyCertOptions(pemKeyCertOptions);
                            break;
                        case PKCS12:
                            PKCS12KeyStore pkcs12KeyStore = (PKCS12KeyStore) sslOptions.getKeyStore();
                            PfxOptions pfxOptions = new PfxOptions();
                            pfxOptions.setPassword(pkcs12KeyStore.getPassword());
                            if (pkcs12KeyStore.getPath() != null && !pkcs12KeyStore.getPath().isEmpty()) {
                                pfxOptions.setPath(pkcs12KeyStore.getPath());
                            } else if (pkcs12KeyStore.getContent() != null
                                    && !pkcs12KeyStore.getContent().isEmpty()) {
                                pfxOptions.setValue(
                                        io.vertx.core.buffer.Buffer.buffer(pkcs12KeyStore.getContent()));
                            }
                            httpClientOptions.setPfxKeyCertOptions(pfxOptions);
                            break;
                        case JKS:
                            JKSKeyStore jksKeyStore = (JKSKeyStore) sslOptions.getKeyStore();
                            JksOptions jksOptions = new JksOptions();
                            jksOptions.setPassword(jksKeyStore.getPassword());
                            if (jksKeyStore.getPath() != null && !jksKeyStore.getPath().isEmpty()) {
                                jksOptions.setPath(jksKeyStore.getPath());
                            } else if (jksKeyStore.getContent() != null
                                    && !jksKeyStore.getContent().isEmpty()) {
                                jksOptions
                                        .setValue(io.vertx.core.buffer.Buffer.buffer(jksKeyStore.getContent()));
                            }
                            httpClientOptions.setKeyStoreOptions(jksOptions);
                            break;
                        }
                    }
                }
            }

            HttpClient httpClient = vertx.createHttpClient(httpClientOptions);

            final int port = hcRequestUri.getPort() != -1 ? hcRequestUri.getPort()
                    : (HTTPS_SCHEME.equals(hcRequestUri.getScheme()) ? 443 : 80);

            String relativeUri = (hcRequestUri.getRawQuery() == null) ? hcRequestUri.getRawPath()
                    : hcRequestUri.getRawPath() + '?' + hcRequestUri.getRawQuery();

            // Run health-check
            HttpClientRequest healthRequest = httpClient.request(
                    HttpMethod.valueOf(step.getRequest().getMethod().name().toUpperCase()), port,
                    hcRequestUri.getHost(), relativeUri);

            // Set timeout on request
            if (endpoint.getHttpClientOptions() != null) {
                healthRequest.setTimeout(endpoint.getHttpClientOptions().getReadTimeout());
            }

            // Prepare request
            if (step.getRequest().getHeaders() != null) {
                step.getRequest().getHeaders().forEach(
                        httpHeader -> healthRequest.headers().set(httpHeader.getName(), httpHeader.getValue()));
            }

            final EndpointStatus.Builder healthBuilder = EndpointStatus
                    .forEndpoint(rule.api(), endpoint.getName()).on(currentTimeMillis());

            long startTime = currentTimeMillis();

            Request request = new Request();
            request.setMethod(step.getRequest().getMethod());
            request.setUri(hcRequestUri.toString());

            healthRequest.handler(response -> response.bodyHandler(buffer -> {
                long endTime = currentTimeMillis();
                logger.debug("Health-check endpoint returns a response with a {} status code",
                        response.statusCode());

                String body = buffer.toString();

                EndpointStatus.StepBuilder stepBuilder = validateAssertions(step,
                        new EvaluableHttpResponse(response, body));
                stepBuilder.request(request);
                stepBuilder.responseTime(endTime - startTime);

                Response healthResponse = new Response();
                healthResponse.setStatus(response.statusCode());

                // If validation fail, store request and response data
                if (!stepBuilder.isSuccess()) {
                    request.setBody(step.getRequest().getBody());

                    if (step.getRequest().getHeaders() != null) {
                        HttpHeaders reqHeaders = new HttpHeaders();
                        step.getRequest().getHeaders().forEach(httpHeader -> reqHeaders
                                .put(httpHeader.getName(), Collections.singletonList(httpHeader.getValue())));
                        request.setHeaders(reqHeaders);
                    }

                    // Extract headers
                    HttpHeaders headers = new HttpHeaders();
                    response.headers().names().forEach(
                            headerName -> headers.put(headerName, response.headers().getAll(headerName)));
                    healthResponse.setHeaders(headers);

                    // Store body
                    healthResponse.setBody(body);
                }

                stepBuilder.response(healthResponse);

                // Append step stepBuilder
                healthBuilder.step(stepBuilder.build());

                report(healthBuilder.build());

                // Close client
                httpClient.close();
            }));

            healthRequest.exceptionHandler(event -> {
                long endTime = currentTimeMillis();

                EndpointStatus.StepBuilder stepBuilder = EndpointStatus.forStep(step.getName());
                stepBuilder.fail(event.getMessage());

                Response healthResponse = new Response();

                // Extract request information
                request.setBody(step.getRequest().getBody());
                if (step.getRequest().getHeaders() != null) {
                    HttpHeaders reqHeaders = new HttpHeaders();
                    step.getRequest().getHeaders().forEach(httpHeader -> reqHeaders.put(httpHeader.getName(),
                            Collections.singletonList(httpHeader.getValue())));
                    request.setHeaders(reqHeaders);
                }

                if (event instanceof ConnectTimeoutException) {
                    stepBuilder.fail(event.getMessage());
                    healthResponse.setStatus(HttpStatusCode.REQUEST_TIMEOUT_408);
                } else {
                    healthResponse.setStatus(HttpStatusCode.SERVICE_UNAVAILABLE_503);
                }

                Step result = stepBuilder.build();
                result.setResponse(healthResponse);
                result.setRequest(request);

                result.setResponseTime(endTime - startTime);

                // Append step result
                healthBuilder.step(result);

                report(healthBuilder.build());

                try {
                    // Close client
                    httpClient.close();
                } catch (IllegalStateException ise) {
                    // Do not take care about exception when closing client
                }
            });

            // Send request
            logger.debug("Execute health-check request: {}", healthRequest);
            if (step.getRequest().getBody() != null && !step.getRequest().getBody().isEmpty()) {
                healthRequest.end(step.getRequest().getBody());
            } else {
                healthRequest.end();
            }
        } catch (EndpointException ee) {
            logger.error("An error occurs while configuring the endpoint " + endpoint.getName()
                    + ". Healthcheck is skipped for this endpoint.", ee);
        } catch (Exception ex) {
            logger.error("An unexpected error occurs", ex);
        }
    }
}

From source file:io.servicecomb.foundation.vertx.VertxTLSBuilder.java

License:Apache License

private static TCPSSLOptions buildTCPSSLOptions(SSLOption sslOption, SSLCustom sslCustom,
        TCPSSLOptions httpClientOptions) {
    httpClientOptions.setSsl(true);/* w  ww . jav  a2 s.c  o  m*/
    if (isFileExists(sslCustom.getFullPath(sslOption.getKeyStore()))) {
        if (STORE_PKCS12.equalsIgnoreCase(sslOption.getKeyStoreType())) {
            PfxOptions keyPfxOptions = new PfxOptions();
            keyPfxOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore()));
            keyPfxOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray())));
            httpClientOptions.setPfxKeyCertOptions(keyPfxOptions);
        } else if (STORE_JKS.equalsIgnoreCase(sslOption.getKeyStoreType())) {
            JksOptions keyJksOptions = new JksOptions();
            keyJksOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore()));
            keyJksOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray())));
            httpClientOptions.setKeyStoreOptions(keyJksOptions);
        } else {
            throw new IllegalArgumentException("invalid key store type.");
        }
    }

    if (isFileExists(sslCustom.getFullPath(sslOption.getTrustStore()))) {
        if (STORE_PKCS12.equalsIgnoreCase(sslOption.getTrustStoreType())) {
            PfxOptions trustPfxOptions = new PfxOptions();
            trustPfxOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore()));
            trustPfxOptions
                    .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray())));
            httpClientOptions.setPfxTrustOptions(trustPfxOptions);
        } else if (STORE_JKS.equalsIgnoreCase(sslOption.getTrustStoreType())) {
            JksOptions trustJksOptions = new JksOptions();
            trustJksOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore()));
            trustJksOptions
                    .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray())));
            httpClientOptions.setTrustStoreOptions(trustJksOptions);
        } else {
            throw new IllegalArgumentException("invalid trust store type.");
        }
    }

    for (String protocol : sslOption.getProtocols().split(",")) {
        httpClientOptions.addEnabledSecureTransportProtocol(protocol);
    }
    for (String cipher : SSLManager.getEnalbedCiphers(sslOption.getCiphers())) {
        httpClientOptions.addEnabledCipherSuite(cipher);
    }

    if (isFileExists(sslCustom.getFullPath(sslOption.getCrl()))) {
        httpClientOptions.addCrlPath(sslCustom.getFullPath(sslOption.getCrl()));
    }
    return httpClientOptions;
}

From source file:org.apache.servicecomb.foundation.vertx.VertxTLSBuilder.java

License:Apache License

private static TCPSSLOptions buildTCPSSLOptions(SSLOption sslOption, SSLCustom sslCustom,
        TCPSSLOptions tcpClientOptions) {
    tcpClientOptions.setSsl(true);/*from w ww  .j a  v  a  2s  . c om*/

    if (sslOption.getEngine().equalsIgnoreCase("openssl")) {
        OpenSSLEngineOptions options = new OpenSSLEngineOptions();
        options.setSessionCacheEnabled(true);
        tcpClientOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions());
    }
    String fullKeyStore = sslCustom.getFullPath(sslOption.getKeyStore());
    if (isFileExists(fullKeyStore)) {
        if (STORE_PKCS12.equalsIgnoreCase(sslOption.getKeyStoreType())) {
            PfxOptions keyPfxOptions = new PfxOptions();
            keyPfxOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore()));
            keyPfxOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray())));
            tcpClientOptions.setPfxKeyCertOptions(keyPfxOptions);
        } else if (STORE_JKS.equalsIgnoreCase(sslOption.getKeyStoreType())) {
            JksOptions keyJksOptions = new JksOptions();
            keyJksOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore()));
            keyJksOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray())));
            tcpClientOptions.setKeyStoreOptions(keyJksOptions);
        } else {
            throw new IllegalArgumentException("invalid key store type.");
        }
    } else {
        LOGGER.warn("keyStore [" + fullKeyStore + "] file not exist, please check!");
    }
    String fullTrustStore = sslCustom.getFullPath(sslOption.getTrustStore());
    if (isFileExists(fullTrustStore)) {
        if (STORE_PKCS12.equalsIgnoreCase(sslOption.getTrustStoreType())) {
            PfxOptions trustPfxOptions = new PfxOptions();
            trustPfxOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore()));
            trustPfxOptions
                    .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray())));
            tcpClientOptions.setPfxTrustOptions(trustPfxOptions);
        } else if (STORE_JKS.equalsIgnoreCase(sslOption.getTrustStoreType())) {
            JksOptions trustJksOptions = new JksOptions();
            trustJksOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore()));
            trustJksOptions
                    .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray())));
            tcpClientOptions.setTrustStoreOptions(trustJksOptions);
        } else {
            throw new IllegalArgumentException("invalid trust store type.");
        }
    } else {
        LOGGER.warn("trustStore [" + fullTrustStore + "] file not exist, please check!");
    }

    tcpClientOptions.setEnabledSecureTransportProtocols(
            new HashSet<String>(Arrays.asList(sslOption.getProtocols().split(","))));

    for (String cipher : SSLManager.getEnalbedCiphers(sslOption.getCiphers())) {
        tcpClientOptions.addEnabledCipherSuite(cipher);
    }

    if (isFileExists(sslCustom.getFullPath(sslOption.getCrl()))) {
        tcpClientOptions.addCrlPath(sslCustom.getFullPath(sslOption.getCrl()));
    }
    return tcpClientOptions;
}