Example usage for io.vertx.core.net OpenSSLEngineOptions setSessionCacheEnabled

List of usage examples for io.vertx.core.net OpenSSLEngineOptions setSessionCacheEnabled

  1. HOME
  2. Java
  3. io.vertx
  4. io.vertx.core.net.*
  5. OpenSSLEngineOptions
  6. setSessionCacheEnabled

Introduction

In this page you can find the example usage for io.vertx.core.net OpenSSLEngineOptions setSessionCacheEnabled.

Prototype

public OpenSSLEngineOptions setSessionCacheEnabled(boolean sessionCacheEnabled)

Source Link

Document

Set whether session cache is enabled in open SSL session server context

Usage

From source file:org.apache.servicecomb.foundation.vertx.VertxTLSBuilder.java

License:Apache License

private static TCPSSLOptions buildTCPSSLOptions(SSLOption sslOption, SSLCustom sslCustom,
        TCPSSLOptions tcpClientOptions) {
    tcpClientOptions.setSsl(true);// ww  w  .  j a v  a  2s  . c  o m

    if (sslOption.getEngine().equalsIgnoreCase("openssl")) {
        OpenSSLEngineOptions options = new OpenSSLEngineOptions();
        options.setSessionCacheEnabled(true);
        tcpClientOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions());
    }
    String fullKeyStore = sslCustom.getFullPath(sslOption.getKeyStore());
    if (isFileExists(fullKeyStore)) {
        if (STORE_PKCS12.equalsIgnoreCase(sslOption.getKeyStoreType())) {
            PfxOptions keyPfxOptions = new PfxOptions();
            keyPfxOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore()));
            keyPfxOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray())));
            tcpClientOptions.setPfxKeyCertOptions(keyPfxOptions);
        } else if (STORE_JKS.equalsIgnoreCase(sslOption.getKeyStoreType())) {
            JksOptions keyJksOptions = new JksOptions();
            keyJksOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore()));
            keyJksOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray())));
            tcpClientOptions.setKeyStoreOptions(keyJksOptions);
        } else {
            throw new IllegalArgumentException("invalid key store type.");
        }
    } else {
        LOGGER.warn("keyStore [" + fullKeyStore + "] file not exist, please check!");
    }
    String fullTrustStore = sslCustom.getFullPath(sslOption.getTrustStore());
    if (isFileExists(fullTrustStore)) {
        if (STORE_PKCS12.equalsIgnoreCase(sslOption.getTrustStoreType())) {
            PfxOptions trustPfxOptions = new PfxOptions();
            trustPfxOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore()));
            trustPfxOptions
                    .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray())));
            tcpClientOptions.setPfxTrustOptions(trustPfxOptions);
        } else if (STORE_JKS.equalsIgnoreCase(sslOption.getTrustStoreType())) {
            JksOptions trustJksOptions = new JksOptions();
            trustJksOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore()));
            trustJksOptions
                    .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray())));
            tcpClientOptions.setTrustStoreOptions(trustJksOptions);
        } else {
            throw new IllegalArgumentException("invalid trust store type.");
        }
    } else {
        LOGGER.warn("trustStore [" + fullTrustStore + "] file not exist, please check!");
    }

    tcpClientOptions.setEnabledSecureTransportProtocols(
            new HashSet<String>(Arrays.asList(sslOption.getProtocols().split(","))));

    for (String cipher : SSLManager.getEnalbedCiphers(sslOption.getCiphers())) {
        tcpClientOptions.addEnabledCipherSuite(cipher);
    }

    if (isFileExists(sslCustom.getFullPath(sslOption.getCrl()))) {
        tcpClientOptions.addCrlPath(sslCustom.getFullPath(sslOption.getCrl()));
    }
    return tcpClientOptions;
}