|
|
|
@ -22,19 +22,19 @@ import org.slf4j.LoggerFactory; |
|
|
|
|
|
|
|
|
|
public class SslContextCreator { |
|
|
|
|
|
|
|
|
|
private static Logger logger = LoggerFactory.getLogger(SslContextCreator.class); |
|
|
|
|
private static Logger LOGGER = LoggerFactory.getLogger(SslContextCreator.class); |
|
|
|
|
|
|
|
|
|
public static SSLContext createSSLContext() { |
|
|
|
|
return new SslContextCreator().initSSLContext(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
public SSLContext initSSLContext() { |
|
|
|
|
logger.info("Checking SSL configuration properties..."); |
|
|
|
|
LOGGER.info("Checking SSL configuration properties..."); |
|
|
|
|
final String jksPath = Config.getInstance().getStringValue("ssl.jksPath"); |
|
|
|
|
logger.info("Initializing SSL context. KeystorePath = {}.", jksPath); |
|
|
|
|
LOGGER.info("Initializing SSL context. KeystorePath = {}.", jksPath); |
|
|
|
|
if (jksPath == null || jksPath.isEmpty()) { |
|
|
|
|
// key_store_password or key_manager_password are empty
|
|
|
|
|
logger.warn("The keystore path is null or empty. The SSL context won't be initialized."); |
|
|
|
|
LOGGER.warn("The keystore path is null or empty. The SSL context won't be initialized."); |
|
|
|
|
return null; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -46,7 +46,7 @@ public class SslContextCreator { |
|
|
|
|
// added to the ServerContext
|
|
|
|
|
|
|
|
|
|
try { |
|
|
|
|
logger.info("Loading keystore. KeystorePath = {}.", jksPath); |
|
|
|
|
LOGGER.info("Loading keystore. KeystorePath = {}.", jksPath); |
|
|
|
|
InputStream jksInputStream = jksDatastore(jksPath); |
|
|
|
|
SSLContext clientSSLContext = SSLContext.getInstance("TLS"); |
|
|
|
|
final KeyStore ks = KeyStore.getInstance("JKS"); |
|
|
|
@ -57,14 +57,14 @@ public class SslContextCreator { |
|
|
|
|
TrustManager[] trustManagers = tmf.getTrustManagers(); |
|
|
|
|
|
|
|
|
|
// init sslContext
|
|
|
|
|
logger.info("Initializing SSL context..."); |
|
|
|
|
LOGGER.info("Initializing SSL context..."); |
|
|
|
|
clientSSLContext.init(null, trustManagers, null); |
|
|
|
|
logger.info("The SSL context has been initialized successfully."); |
|
|
|
|
LOGGER.info("The SSL context has been initialized successfully."); |
|
|
|
|
|
|
|
|
|
return clientSSLContext; |
|
|
|
|
} catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | KeyManagementException |
|
|
|
|
| IOException ex) { |
|
|
|
|
logger.error("Unable to initialize SSL context. Cause = {}, errorMessage = {}.", ex.getCause(), |
|
|
|
|
LOGGER.error("Unable to initialize SSL context. Cause = {}, errorMessage = {}.", ex.getCause(), |
|
|
|
|
ex.getMessage()); |
|
|
|
|
return null; |
|
|
|
|
} |
|
|
|
@ -73,18 +73,18 @@ public class SslContextCreator { |
|
|
|
|
private InputStream jksDatastore(String jksPath) throws FileNotFoundException { |
|
|
|
|
URL jksUrl = getClass().getClassLoader().getResource(jksPath); |
|
|
|
|
if (jksUrl != null) { |
|
|
|
|
logger.info("Starting with jks at {}, jks normal {}", jksUrl.toExternalForm(), jksUrl); |
|
|
|
|
LOGGER.info("Starting with jks at {}, jks normal {}", jksUrl.toExternalForm(), jksUrl); |
|
|
|
|
return getClass().getClassLoader().getResourceAsStream(jksPath); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
logger.warn("No keystore has been found in the bundled resources. Scanning filesystem..."); |
|
|
|
|
LOGGER.warn("No keystore has been found in the bundled resources. Scanning filesystem..."); |
|
|
|
|
File jksFile = new File(jksPath); |
|
|
|
|
if (jksFile.exists()) { |
|
|
|
|
logger.info("Loading external keystore. Url = {}.", jksFile.getAbsolutePath()); |
|
|
|
|
LOGGER.info("Loading external keystore. Url = {}.", jksFile.getAbsolutePath()); |
|
|
|
|
return new FileInputStream(jksFile); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
logger.warn("The keystore file does not exist. Url = {}.", jksFile.getAbsolutePath()); |
|
|
|
|
LOGGER.warn("The keystore file does not exist. Url = {}.", jksFile.getAbsolutePath()); |
|
|
|
|
return null; |
|
|
|
|
} |
|
|
|
|
} |
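Review bot: The renamed field on the `private static Logger LOGGER = ...` line is still not `final`, so the constant-style name promises immutability the declaration does not enforce; `private static final Logger LOGGER = LoggerFactory.getLogger(SslContextCreator.class);` would complete the rename. In the catch block of `initSSLContext`, the touched `LOGGER.error(...)` call logs only `ex.getCause()` and `ex.getMessage()`, so the stack trace is lost when TLS setup fails; passing `ex` as the final argument keeps it. Both failure paths of `initSSLContext` return `null`, and `jksDatastore` returns `null` when no keystore is found even though its result is assigned to `jksInputStream` without a visible check. The code between the hunks is not shown, so it is worth confirming that a missing keystore cannot silently produce an empty trust store, and that callers of `createSSLContext()` do not treat `null` as permission to continue without TLS.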