Examples of org.eclipse.jetty.util.ssl.SslContextFactory

• org.eclipse.jetty.util.ssl.SslContextFactory
  SslContextFactory is used to configure SSL connectors as well as HttpClient. It holds all SSL parameters and creates SSL context based on these parameters to be used by the SSL connectors.

                KeyStore keyStore = port.getKeyStore();
                if (keyStore == null)
                {
                    throw new IllegalConfigurationException("Key store is not configured. Cannot start management on HTTPS port without keystore");
                }
                SslContextFactory factory = new SslContextFactory();
                try
                {
                    SSLContext sslContext = SSLContext.getInstance("TLS");
                    sslContext.init(keyStore.getKeyManagers(), null, null);
                    factory.setSslContext(sslContext);
                }
                catch (GeneralSecurityException e)
                {
                    throw new RuntimeException("Cannot configure port " + port.getName() + " for transport " + Transport.SSL, e);
                }

        for (Connector connector : connectors)
        {
            CurrentActor.get().message(ManagementConsoleMessages.LISTENING(stringifyConnectorScheme(connector), connector.getPort()));
            if (connector instanceof SslSocketConnector)
            {
                SslContextFactory sslContextFactory = ((SslSocketConnector)connector).getSslContextFactory();
                if (sslContextFactory != null && sslContextFactory.getKeyStorePath() != null)
                {
                    CurrentActor.get().message(ManagementConsoleMessages.SSL_KEYSTORE(sslContextFactory.getKeyStorePath()));
                }
            }
        }
    }

            // use this certificate anywhere important as the passwords are
            // available in the source.

            connector.setConfidentialPort(8443);

            SslContextFactory factory = new SslContextFactory();
            factory.setKeyStoreResource(keystore);
            factory.setKeyStorePassword("wicket");
            factory.setTrustStoreResource(keystore);
            factory.setKeyManagerPassword("wicket");
            SslSocketConnector sslConnector = new SslSocketConnector(factory);
            sslConnector.setMaxIdleTime(timeout);
            sslConnector.setPort(8443);
            sslConnector.setAcceptors(4);
            server.addConnector(sslConnector);

    private boolean onLogoutTriggered;

    @Test
    public void testLogin() throws Exception {

        final SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setSslContext(new SSLContextParameters().createSSLContext());
        final HttpClient httpClient = new HttpClient(sslContextFactory);
        httpClient.setConnectTimeout(TIMEOUT);
        httpClient.setTimeout(TIMEOUT);
        httpClient.registerListener(RedirectListener.class.getName());
        httpClient.start();

        // create a Jetty HttpClient if not already set
        if (null == httpClient) {
            if (config != null && config.getHttpClient() != null) {
                httpClient = config.getHttpClient();
            } else {
                final SslContextFactory sslContextFactory = new SslContextFactory();
                final SSLContextParameters contextParameters =
                    sslContextParameters != null ? sslContextParameters : new SSLContextParameters();
                sslContextFactory.setSslContext(contextParameters.createSSLContext());
                httpClient = new HttpClient(sslContextFactory);
                httpClient.setConnectorType(HttpClient.CONNECTOR_SELECT_CHANNEL);
                httpClient.setMaxConnectionsPerAddress(MAX_CONNECTIONS_PER_ADDRESS);
                httpClient.setConnectTimeout(CONNECTION_TIMEOUT);
                httpClient.setTimeout(RESPONSE_TIMEOUT);

        connector.setPort(port);
        if (serverArgs.containsKey("withssl")) {
            final SslSocketConnector sslConnector = new SslSocketConnector();
            sslConnector.setPort(8444);
            SslContextFactory sslFact = sslConnector.getSslContextFactory();
            sslFact.setTrustStore(KEYSTORE);
            sslFact.setTrustStorePassword("password");
            sslFact.setKeyStorePath(KEYSTORE);
            sslFact.setKeyManagerPassword("password");
            sslFact.setKeyStorePassword("password");
            server.setConnectors(new Connector[] { connector, sslConnector });
        } else {
            server.setConnectors(new Connector[] { connector });
        }

    protected int run(CommandLine cmd) throws Exception {
        SelectChannelConnector httpConnector = new SelectChannelConnector();
        httpConnector.setPort(super.getHttpPort());
        httpConnector.setConfidentialPort(super.getHttpsPort());

        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(super.getKeyStorePath());
        sslContextFactory.setKeyStorePassword(super.getKeyStorePassword());
        sslContextFactory.setTrustStore(super.getTrustStorePath());
        sslContextFactory.setTrustStorePassword(super.getTrustStorePassword());
        sslContextFactory.setNeedClientAuth(super.getRequireClientCert());
        SslSelectChannelConnector httpsConnector = new SslSelectChannelConnector(sslContextFactory);
        httpsConnector.setPort(super.getHttpsPort());

        WebAppContext webAppContext = new WebAppContext();
        webAppContext.setContextPath(this.getContextPath());

    LogbackHook.attachToRootLogger();

    this.server = new Server();

    {
      SslContextFactory sslContextFactory = new SslContextFactory(SslContextFactory.DEFAULT_KEYSTORE_PATH);

      {
        CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey("https");
        String secret = KeyStoreUtils.DEFAULT_KEYSTORE_SECRET;
        KeyStore keystore = KeyStoreUtils.createEmpty(secret);

        String alias = "https";

        KeyStoreUtils.put(keystore, alias, certificateAndKey, secret);
        sslContextFactory.setKeyStore(keystore);
        sslContextFactory.setKeyStorePassword(secret);
        sslContextFactory.setCertAlias(alias);
      }

      // TODO: Preconfigure a better SSLContext??
      SSLContext sslContext = SSLContext.getDefault();
      sslContextFactory.setIncludeCipherSuites(SslPolicy.DEFAULT.getEngineConfig(sslContext)
          .getEnabledCipherSuites());
      sslContextFactory.setIncludeProtocols(SslPolicy.DEFAULT.getEngineConfig(sslContext).getEnabledProtocols());

      SslSelectChannelConnector connector = new SslSelectChannelConnector(sslContextFactory);
      connector.setPort(PORT);
      String host = configuration.lookup("http.host", null);
      if (host != null) {

     */
    private static ServerConnector createSecureSocketConnector(String keystoreFile,
                                                               String keystorePassword, String truststoreFile,
                                                               String truststorePassword) {

        SslContextFactory sslContextFactory = new SslContextFactory(
                keystoreFile);

        if (keystorePassword != null) {
            sslContextFactory.setKeyStorePassword(keystorePassword);
        }
        if (truststoreFile != null) {
            sslContextFactory.setTrustStorePath(truststoreFile);
        }
        if (truststorePassword != null) {
            sslContextFactory.setTrustStorePassword(truststorePassword);
        }
        return new ServerConnector(new Server(), sslContextFactory);
    }

      // SSL for HTTPS and SPDY (X.509 Setup)
      // TODO : Add password control to the key store
      hostKeyStore = HostKeyStore.loadOrCreate(actorExtractor.extract()
          .getHost(), "", sa);
      final SslContextFactory sslCnxt = new SslContextFactory();
      // sslCnxt.setCertAlias(hostKeyStore.getAlias());
      sslCnxt.setKeyStore(hostKeyStore.getKeyStore());
      sslCnxt.setKeyStoreType(hostKeyStore.getKeyStore().getType());
      sslCnxt.setKeyStoreProvider(hostKeyStore.getKeyStore()
          .getProvider().getName());
      sslCnxt.setIncludeProtocols(PROTOCOL_INCLUDE);
      sslCnxt.setTrustAll(false);

      // HTTP Configuration
      final HttpConfiguration httpConf = new HttpConfiguration();
      httpConf.setSecureScheme(HttpScheme.HTTPS.asString());
      httpConf.setSecurePort(actorExtractor.extract().getHost()