aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/org
diff options
context:
space:
mode:
authorpkaras <piotr.karas@nokia.com>2019-03-22 13:48:06 +0100
committerpkaras <piotr.karas@nokia.com>2019-03-22 13:48:06 +0100
commit57e352bd4a9ccf0e84cb3289e96d35238e73b667 (patch)
tree5f342b8042096d806fb4b95be57360445d7e1fff /src/main/java/org
parentcee37b37655ed5a52078e37c7da51c887e2d73e5 (diff)
SSL setup for jetty server
Change-Id: I7ee8c956e556469f25eba6f0e30540393a9759ce Issue-ID: DMAAP-1111 Signed-off-by: piotr.karas <piotr.karas@nokia.com>
Diffstat (limited to 'src/main/java/org')
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java37
1 files changed, 20 insertions, 17 deletions
diff --git a/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java b/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java
index 81c08b2..4b578b4 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java
@@ -53,12 +53,8 @@ public class JettyServer extends BaseLoggingClass {
boolean allowHttp = Boolean.valueOf(params.getProperty("HttpAllowed", "false"));
serverLogger.info( "port params: http=" + httpPort + " https=" + sslPort );
serverLogger.info( "allowHttp=" + allowHttp );
- String keystore=null;
- String keystorePwd = null;
- String keyPwd = null;
-
- // HTTP Server
+ // HTTP Server
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(sslPort);
@@ -76,16 +72,9 @@ public class JettyServer extends BaseLoggingClass {
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
- keystore = params.getProperty("KeyStoreFile", "etc/keystore");
- logger.info("https Server using keystore at " + keystore);
- keystorePwd = params.getProperty("KeyStorePassword", "changeit");
- keyPwd = params.getProperty("KeyPassword", "changeit");
-
-
- sslContextFactory.setKeyStorePath(keystore);
- sslContextFactory.setKeyStorePassword(keystorePwd);
- sslContextFactory.setKeyManagerPassword(keyPwd);
+ setUpKeystore(params, sslContextFactory);
+ setUpTrustStore(params, sslContextFactory);
if (sslPort != 0) {
try(ServerConnector sslConnector = new ServerConnector(server,
@@ -110,7 +99,7 @@ public class JettyServer extends BaseLoggingClass {
}
}
}
-
+
// Set context for servlet. This is shared for http and https
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
context.setContextPath("/");
@@ -138,11 +127,25 @@ public class JettyServer extends BaseLoggingClass {
}
} catch ( Exception e ) {
errorLogger.error( "Exception " + e );
- errorLogger.error( "possibly unable to use keystore " + keystore + " with passwords " + keystorePwd + " and " + keyPwd );
- //System.exit(1);
} finally {
server.destroy();
}
}
+
+ private void setUpKeystore(Properties params, SslContextFactory sslContextFactory) {
+ String keystore = params.getProperty("KeyStoreFile", "etc/keystore");
+ logger.info("https Server using keystore at " + keystore);
+ sslContextFactory.setKeyStorePath(keystore);
+ sslContextFactory.setKeyStorePassword(params.getProperty("KeyStorePassword", "changeit"));
+ sslContextFactory.setKeyManagerPassword(params.getProperty("KeyPassword", "changeit"));
+ }
+
+ private void setUpTrustStore(Properties params, SslContextFactory sslContextFactory) {
+ String truststore = params.getProperty("TrustStoreFile", "etc/org.onap.dmaap-bc.trust.jks");
+ logger.info("https Server using truststore at " + truststore);
+ sslContextFactory.setTrustStorePath(truststore);
+ sslContextFactory.setTrustStoreType(params.getProperty("TrustStoreType", "jks"));
+ sslContextFactory.setTrustStorePassword(params.getProperty("TrustStorePassword", "changeit"));
+ }
}