List of usage examples for io.vertx.core.net PemTrustOptions PemTrustOptions
public PemTrustOptions()
From source file:com.hurence.logisland.engine.vanilla.stream.amqp.AmqpClientPipelineStream.java
License:Apache License
private CompletableFuture<ProtonConnection> setupConnection() { CompletableFuture<ProtonConnection> completableFuture = new CompletableFuture<>(); String hostname = streamContext.getPropertyValue(StreamOptions.CONNECTION_HOST).asString(); int port = streamContext.getPropertyValue(StreamOptions.CONNECTION_PORT).asInteger(); int credits = streamContext.getPropertyValue(StreamOptions.LINK_CREDITS).asInteger(); String user = streamContext.getPropertyValue(StreamOptions.CONNECTION_AUTH_USERNAME).asString(); String password = streamContext.getPropertyValue(StreamOptions.CONNECTION_AUTH_PASSWORD).asString(); if (user != null && password != null) { options.addEnabledSaslMechanism("PLAIN"); } else if (streamContext.getPropertyValue(StreamOptions.CONNECTION_AUTH_TLS_CERT).isSet()) { String tlsCert = streamContext.getPropertyValue(StreamOptions.CONNECTION_AUTH_TLS_CERT).asString(); String tlsKey = streamContext.getPropertyValue(StreamOptions.CONNECTION_AUTH_TLS_KEY).asString(); String caCert = streamContext.getPropertyValue(StreamOptions.CONNECTION_AUTH_CA_CERT).asString(); options.addEnabledSaslMechanism("EXTERNAL").setHostnameVerificationAlgorithm("") .setPemKeyCertOptions(new PemKeyCertOptions().addCertPath(new File(tlsCert).getAbsolutePath()) .addKeyPath(new File(tlsKey).getAbsolutePath())); if (caCert != null) { options.setPemTrustOptions(new PemTrustOptions().addCertPath(new File(caCert).getAbsolutePath())); }// www.j ava 2 s . co m } protonClient.connect(options, hostname, port, user, password, event -> { if (event.failed()) { handleConnectionFailure(false); completableFuture.completeExceptionally(event.cause()); return; } connectionControl.connected(); completableFuture.complete(event.result()); protonConnection = event.result(); String containerId = streamContext.getPropertyValue(StreamOptions.CONTAINER_ID).asString(); if (containerId != null) { protonConnection.setContainer(containerId); } protonConnection.closeHandler(x -> { handleConnectionFailure(true); }).disconnectHandler(x -> { handleConnectionFailure(false); }).openHandler(onOpen -> { //setup the output path sender = protonConnection .createSender(streamContext.getPropertyValue(StreamOptions.WRITE_TOPIC).asString()); sender.setAutoDrained(true); sender.setAutoSettle(true); sender.open(); //setup the input path receiver = protonConnection .createReceiver(streamContext.getPropertyValue(StreamOptions.READ_TOPIC).asString()); receiver.setPrefetch(credits); receiver.handler((delivery, message) -> { try { Record record; if (deserializer == null) { record = RecordUtils.getKeyValueRecord( StringUtils.defaultIfEmpty(message.getSubject(), ""), new String(extractBodyContent(message.getBody()))); } else { record = deserializer .deserialize(new ByteArrayInputStream(extractBodyContent(message.getBody()))); if (!record.hasField(FieldDictionary.RECORD_KEY)) { record.setField(FieldDictionary.RECORD_KEY, FieldType.STRING, message.getSubject()); } } Collection<Record> r = Collections.singleton(record); for (ProcessContext processContext : streamContext.getProcessContexts()) { r = processContext.getProcessor().process(processContext, r); } List<Message> toAdd = new ArrayList<>(); for (Record out : r) { ByteArrayOutputStream byteOutputStream = new ByteArrayOutputStream(); serializer.serialize(byteOutputStream, out); Message mo = ProtonHelper.message(); if (out.hasField(FieldDictionary.RECORD_KEY)) { mo.setSubject(out.getField(FieldDictionary.RECORD_KEY).asString()); } if (StringUtils.isNotBlank(contentType)) { mo.setContentType(contentType); } mo.setMessageId(out.getId()); mo.setBody(new Data(Binary.create(ByteBuffer.wrap(byteOutputStream.toByteArray())))); toAdd.add(mo); } toAdd.forEach(sender::send); delivery.disposition(Accepted.getInstance(), true); } catch (Exception e) { Rejected rejected = new Rejected(); delivery.disposition(rejected, true); getLogger().warn("Unable to process message : " + e.getMessage()); } }).open(); }).open(); }); return completableFuture; }
From source file:examples.ConfigVaultExamples.java
License:Apache License
public void exampleWithCerts(Vertx vertx) { JsonObject vault_config = new JsonObject(); // .../*w w w. j a va2 s . c o m*/ PemKeyCertOptions certs = new PemKeyCertOptions().addCertPath("target/vault/config/ssl/client-cert.pem") .addKeyPath("target/vault/config/ssl/client-privatekey.pem"); vault_config.put("pemKeyCertOptions", certs.toJson()); PemTrustOptions trust = new PemTrustOptions().addCertPath("target/vault/config/ssl/cert.pem"); vault_config.put("pemTrustStoreOptions", trust.toJson()); JksOptions jks = new JksOptions().setPath("target/vault/config/ssl/truststore.jks"); vault_config.put("trustStoreOptions", jks.toJson()); vault_config.put("auth-backend", "cert"); // Path to the secret to read. vault_config.put("path", "secret/my-secret"); ConfigStoreOptions store = new ConfigStoreOptions().setType("vault").setConfig(vault_config); ConfigRetriever retriever = ConfigRetriever.create(vertx, new ConfigRetrieverOptions().addStore(store)); }
From source file:examples.MySQLClientExamples.java
public void tlsExample(Vertx vertx) { MySQLConnectOptions options = new MySQLConnectOptions().setPort(3306).setHost("the-host") .setDatabase("the-db").setUser("user").setPassword("secret").setSslMode(SslMode.VERIFY_CA) .setPemTrustOptions(new PemTrustOptions().addCertPath("/path/to/cert.pem")); MySQLConnection.connect(vertx, options, res -> { if (res.succeeded()) { // Connected with SSL } else {//from www. j a v a 2s.c o m System.out.println("Could not connect " + res.cause()); } }); }
From source file:examples.NetExamples.java
License:Open Source License
public void example27(Vertx vertx) { NetServerOptions options = new NetServerOptions().setSsl(true).setClientAuth(ClientAuth.REQUIRED) .setPemTrustOptions(new PemTrustOptions().addCertPath("/path/to/your/server-ca.pem")); NetServer server = vertx.createNetServer(options); }
From source file:examples.NetExamples.java
License:Open Source License
public void example28(Vertx vertx) { Buffer myCaAsABuffer = vertx.fileSystem().readFileBlocking("/path/to/your/server-ca.pfx"); NetServerOptions options = new NetServerOptions().setSsl(true).setClientAuth(ClientAuth.REQUIRED) .setPemTrustOptions(new PemTrustOptions().addCertValue(myCaAsABuffer)); NetServer server = vertx.createNetServer(options); }
From source file:examples.NetExamples.java
License:Open Source License
public void example34(Vertx vertx) { NetClientOptions options = new NetClientOptions().setSsl(true) .setPemTrustOptions(new PemTrustOptions().addCertPath("/path/to/your/ca-cert.pem")); NetClient client = vertx.createNetClient(options); }
From source file:examples.NetExamples.java
License:Open Source License
public void example35(Vertx vertx) { Buffer myTrustStoreAsABuffer = vertx.fileSystem().readFileBlocking("/path/to/your/ca-cert.pem"); NetClientOptions options = new NetClientOptions().setSsl(true) .setPemTrustOptions(new PemTrustOptions().addCertValue(myTrustStoreAsABuffer)); NetClient client = vertx.createNetClient(options); }
From source file:examples.PgClientExamples.java
License:Apache License
public void ex10(Vertx vertx) { PgConnectOptions options = new PgConnectOptions().setPort(5432).setHost("the-host").setDatabase("the-db") .setUser("user").setPassword("secret").setSslMode(SslMode.VERIFY_CA) .setPemTrustOptions(new PemTrustOptions().addCertPath("/path/to/cert.pem")); PgConnection.connect(vertx, options, res -> { if (res.succeeded()) { // Connected with SSL } else {/* w w w .j a va 2 s. co m*/ System.out.println("Could not connect " + res.cause()); } }); }
From source file:io.gravitee.gateway.http.connector.VertxHttpClient.java
License:Apache License
@Override protected void doStart() throws Exception { httpClientOptions = new HttpClientOptions(); httpClientOptions.setPipelining(endpoint.getHttpClientOptions().isPipelining()); httpClientOptions.setKeepAlive(endpoint.getHttpClientOptions().isKeepAlive()); httpClientOptions.setIdleTimeout((int) (endpoint.getHttpClientOptions().getIdleTimeout() / 1000)); httpClientOptions.setConnectTimeout((int) endpoint.getHttpClientOptions().getConnectTimeout()); httpClientOptions.setUsePooledBuffers(true); httpClientOptions.setMaxPoolSize(endpoint.getHttpClientOptions().getMaxConcurrentConnections()); httpClientOptions.setTryUseCompression(endpoint.getHttpClientOptions().isUseCompression()); httpClientOptions.setLogActivity(true); // Configure proxy HttpProxy proxy = endpoint.getHttpProxy(); if (proxy != null && proxy.isEnabled()) { ProxyOptions proxyOptions = new ProxyOptions(); proxyOptions.setHost(proxy.getHost()); proxyOptions.setPort(proxy.getPort()); proxyOptions.setUsername(proxy.getUsername()); proxyOptions.setPassword(proxy.getPassword()); proxyOptions.setType(ProxyType.valueOf(proxy.getType().name())); httpClientOptions.setProxyOptions(proxyOptions); }//from w w w. j av a 2 s . c o m URI target = URI.create(endpoint.getTarget()); HttpClientSslOptions sslOptions = endpoint.getHttpClientSslOptions(); if (HTTPS_SCHEME.equalsIgnoreCase(target.getScheme())) { // Configure SSL httpClientOptions.setSsl(true); if (sslOptions != null) { httpClientOptions.setVerifyHost(sslOptions.isHostnameVerifier()) .setTrustAll(sslOptions.isTrustAll()); // Client trust configuration if (!sslOptions.isTrustAll() && sslOptions.getTrustStore() != null) { switch (sslOptions.getTrustStore().getType()) { case PEM: PEMTrustStore pemTrustStore = (PEMTrustStore) sslOptions.getTrustStore(); PemTrustOptions pemTrustOptions = new PemTrustOptions(); if (pemTrustStore.getPath() != null && !pemTrustStore.getPath().isEmpty()) { pemTrustOptions.addCertPath(pemTrustStore.getPath()); } else if (pemTrustStore.getContent() != null && !pemTrustStore.getContent().isEmpty()) { pemTrustOptions .addCertValue(io.vertx.core.buffer.Buffer.buffer(pemTrustStore.getContent())); } else { throw new EndpointException( "Missing PEM certificate value for endpoint " + endpoint.getName()); } this.httpClientOptions.setPemTrustOptions(pemTrustOptions); break; case PKCS12: PKCS12TrustStore pkcs12TrustStore = (PKCS12TrustStore) sslOptions.getTrustStore(); PfxOptions pfxOptions = new PfxOptions(); pfxOptions.setPassword(pkcs12TrustStore.getPassword()); if (pkcs12TrustStore.getPath() != null && !pkcs12TrustStore.getPath().isEmpty()) { pfxOptions.setPath(pkcs12TrustStore.getPath()); } else if (pkcs12TrustStore.getContent() != null && !pkcs12TrustStore.getContent().isEmpty()) { pfxOptions.setValue(io.vertx.core.buffer.Buffer.buffer(pkcs12TrustStore.getContent())); } else { throw new EndpointException("Missing PKCS12 value for endpoint " + endpoint.getName()); } this.httpClientOptions.setPfxTrustOptions(pfxOptions); break; case JKS: JKSTrustStore jksTrustStore = (JKSTrustStore) sslOptions.getTrustStore(); JksOptions jksOptions = new JksOptions(); jksOptions.setPassword(jksTrustStore.getPassword()); if (jksTrustStore.getPath() != null && !jksTrustStore.getPath().isEmpty()) { jksOptions.setPath(jksTrustStore.getPath()); } else if (jksTrustStore.getContent() != null && !jksTrustStore.getContent().isEmpty()) { jksOptions.setValue(io.vertx.core.buffer.Buffer.buffer(jksTrustStore.getContent())); } else { throw new EndpointException("Missing JKS value for endpoint " + endpoint.getName()); } this.httpClientOptions.setTrustStoreOptions(jksOptions); break; } } // Client authentication configuration if (sslOptions.getKeyStore() != null) { switch (sslOptions.getKeyStore().getType()) { case PEM: PEMKeyStore pemKeyStore = (PEMKeyStore) sslOptions.getKeyStore(); PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions(); if (pemKeyStore.getCertPath() != null && !pemKeyStore.getCertPath().isEmpty()) { pemKeyCertOptions.setCertPath(pemKeyStore.getCertPath()); } else if (pemKeyStore.getCertContent() != null && !pemKeyStore.getCertContent().isEmpty()) { pemKeyCertOptions .setCertValue(io.vertx.core.buffer.Buffer.buffer(pemKeyStore.getCertContent())); } if (pemKeyStore.getKeyPath() != null && !pemKeyStore.getKeyPath().isEmpty()) { pemKeyCertOptions.setKeyPath(pemKeyStore.getKeyPath()); } else if (pemKeyStore.getKeyContent() != null && !pemKeyStore.getKeyContent().isEmpty()) { pemKeyCertOptions .setKeyValue(io.vertx.core.buffer.Buffer.buffer(pemKeyStore.getKeyContent())); } this.httpClientOptions.setPemKeyCertOptions(pemKeyCertOptions); break; case PKCS12: PKCS12KeyStore pkcs12KeyStore = (PKCS12KeyStore) sslOptions.getKeyStore(); PfxOptions pfxOptions = new PfxOptions(); pfxOptions.setPassword(pkcs12KeyStore.getPassword()); if (pkcs12KeyStore.getPath() != null && !pkcs12KeyStore.getPath().isEmpty()) { pfxOptions.setPath(pkcs12KeyStore.getPath()); } else if (pkcs12KeyStore.getContent() != null && !pkcs12KeyStore.getContent().isEmpty()) { pfxOptions.setValue(io.vertx.core.buffer.Buffer.buffer(pkcs12KeyStore.getContent())); } this.httpClientOptions.setPfxKeyCertOptions(pfxOptions); break; case JKS: JKSKeyStore jksKeyStore = (JKSKeyStore) sslOptions.getKeyStore(); JksOptions jksOptions = new JksOptions(); jksOptions.setPassword(jksKeyStore.getPassword()); if (jksKeyStore.getPath() != null && !jksKeyStore.getPath().isEmpty()) { jksOptions.setPath(jksKeyStore.getPath()); } else if (jksKeyStore.getContent() != null && !jksKeyStore.getContent().isEmpty()) { jksOptions.setValue(io.vertx.core.buffer.Buffer.buffer(jksKeyStore.getContent())); } this.httpClientOptions.setKeyStoreOptions(jksOptions); break; } } } } printHttpClientConfiguration(httpClientOptions); }
From source file:io.gravitee.gateway.http.vertx.VertxHttpClient.java
License:Apache License
@Override protected void doStart() throws Exception { // TODO: Prepare HttpClientOptions according to the endpoint to improve performance when creating a new // instance of the Vertx client httpClientOptions = new HttpClientOptions(); httpClientOptions.setPipelining(endpoint.getHttpClientOptions().isPipelining()); httpClientOptions.setKeepAlive(endpoint.getHttpClientOptions().isKeepAlive()); httpClientOptions.setIdleTimeout((int) (endpoint.getHttpClientOptions().getIdleTimeout() / 1000)); httpClientOptions.setConnectTimeout((int) endpoint.getHttpClientOptions().getConnectTimeout()); httpClientOptions.setUsePooledBuffers(true); httpClientOptions.setMaxPoolSize(endpoint.getHttpClientOptions().getMaxConcurrentConnections()); httpClientOptions.setTryUseCompression(endpoint.getHttpClientOptions().isUseCompression()); // Configure proxy HttpProxy proxy = endpoint.getHttpProxy(); if (proxy != null && proxy.isEnabled()) { ProxyOptions proxyOptions = new ProxyOptions(); proxyOptions.setHost(proxy.getHost()); proxyOptions.setPort(proxy.getPort()); proxyOptions.setUsername(proxy.getUsername()); proxyOptions.setPassword(proxy.getPassword()); proxyOptions.setType(ProxyType.valueOf(proxy.getType().name())); httpClientOptions.setProxyOptions(proxyOptions); }//from w w w . j a v a 2 s . c om URI target = URI.create(endpoint.getTarget()); // Configure SSL HttpClientSslOptions sslOptions = endpoint.getHttpClientSslOptions(); if (sslOptions != null && sslOptions.isEnabled()) { httpClientOptions.setSsl(sslOptions.isEnabled()).setVerifyHost(sslOptions.isHostnameVerifier()) .setTrustAll(sslOptions.isTrustAll()); if (sslOptions.getPem() != null && !sslOptions.getPem().isEmpty()) { httpClientOptions.setPemTrustOptions(new PemTrustOptions() .addCertValue(io.vertx.core.buffer.Buffer.buffer(sslOptions.getPem()))); } } else if (HTTPS_SCHEME.equalsIgnoreCase(target.getScheme())) { // SSL is not configured but the endpoint scheme is HTTPS so let's enable the SSL on Vert.x HTTP client // automatically httpClientOptions.setSsl(true).setTrustAll(true); } printHttpClientConfiguration(httpClientOptions); }