@Override public Handler<ClientOptionsBase> parse( final JsonObject options) { return Fn.get(() -> { final PemTrustOptions pem = Fn.getSemi( !options.containsKey(PATH_CERT), LOGGER, Trust.CLIENT_PEM, () -> new PemTrustOptions().addCertPath(PATH_CERT) ); return option -> option .setSsl(true) .setUseAlpn(true) .setPemTrustOptions(pem) .setOpenSslEngineOptions(new OpenSSLEngineOptions()); }, options); }
public void ex10(Vertx vertx) { PgConnectOptions options = new PgConnectOptions() .setPort(5432) .setHost("the-host") .setDatabase("the-db") .setUsername("user") .setPassword("secret") .setSsl(true) .setPemTrustOptions(new PemTrustOptions().addCertPath("/path/to/cert.pem")); PgClient.connect(vertx, options, res -> { if (res.succeeded()) { // Connected with SSL } else { System.out.println("Could not connect " + res.cause()); } }); }
@Test public void testTLS(TestContext ctx) { Async async = ctx.async(); PgConnectOptions options = new PgConnectOptions(PgTestBase.options) .setSsl(true) .setPemTrustOptions(new PemTrustOptions().addCertPath("tls/server.crt")); PgClient.connect(vertx, new PgConnectOptions(options).setSsl(true).setTrustAll(true), ctx.asyncAssertSuccess(conn -> { ctx.assertTrue(conn.isSSL()); conn.query("SELECT * FROM Fortune WHERE id=1", ctx.asyncAssertSuccess(result -> { ctx.assertEquals(1, result.size()); Tuple row = result.iterator().next(); ctx.assertEquals(1, row.getInteger(0)); ctx.assertEquals("fortune: No such file or directory", row.getString(1)); async.complete(); })); })); }
private void setGrpcSslOptions(TCPSSLOptions sslOptions) { PemTrustOptions pemTrustOptions = new PemTrustOptions(); this.config.getSslTrustCerts() .forEach(trustKey -> pemTrustOptions.addCertValue(Buffer.buffer(trustKey))); sslOptions .setSsl(true) .setUseAlpn(true) .setPemTrustOptions(pemTrustOptions); final String sslCert = this.config.getSslCert(); final String sslKey = this.config.getSslKey(); if (sslKey != null && sslCert != null) { PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions() .setKeyValue(Buffer.buffer(sslKey)) .setCertValue(Buffer.buffer(sslCert)); sslOptions.setPemKeyCertOptions(pemKeyCertOptions); } }
private void setSsl(HttpServerOptions httpServerOptions) { ApiConfig.SslConfig sslConfig = config.getSsl(); if (!sslConfig.isEnable()) { return; } httpServerOptions.setSsl(true); PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions() .setKeyValue(Buffer.buffer(sslConfig.getSslKey())) .setCertValue(Buffer.buffer(sslConfig.getSslCert())); httpServerOptions.setPemKeyCertOptions(pemKeyCertOptions); PemTrustOptions pemTrustOptions = new PemTrustOptions(); Arrays.stream(sslConfig.getSslTrustCerts()) .map(Object::toString) .forEach(trustKey -> pemTrustOptions.addCertValue(Buffer.buffer(trustKey))); if (!pemTrustOptions.getCertValues().isEmpty()) { httpServerOptions.setPemTrustOptions(pemTrustOptions); ClientAuth clientAuth = sslConfig.isSslRequireClientAuth() ? ClientAuth.REQUIRED : ClientAuth.REQUEST; httpServerOptions.setClientAuth(clientAuth); } }
/** * Tests authentication with the cert auth backend using PEM file */ @Test public void testLoginByCert_usingPemConfig(TestContext tc) throws VaultException { JsonObject config = new JsonObject(); config.put("host", process.getHost()); config.put("port", process.getPort()); config.put("ssl", true); PemKeyCertOptions options = new PemKeyCertOptions() .addCertPath("target/vault/config/ssl/client-cert.pem") .addKeyPath("target/vault/config/ssl/client-privatekey.pem"); config.put("pemKeyCertOptions", options.toJson()); PemTrustOptions trust = new PemTrustOptions() .addCertPath("target/vault/config/ssl/cert.pem"); config.put("pemTrustStoreOptions", trust.toJson()); JksOptions jks = new JksOptions() .setPath("target/vault/config/ssl/truststore.jks"); config.put("trustStoreOptions", jks.toJson()); client = new SlimVaultClient(vertx, config); checkWeCanLoginAndAccessRestrictedSecrets(tc); }
@Override protected JsonObject getRetrieverConfiguration() { JsonObject config = new JsonObject(); config.put("host", process.getHost()); config.put("port", process.getPort()); config.put("ssl", true); PemKeyCertOptions options = new PemKeyCertOptions() .addCertPath("target/vault/config/ssl/client-cert.pem") .addKeyPath("target/vault/config/ssl/client-privatekey.pem"); config.put("pemKeyCertOptions", options.toJson()); PemTrustOptions trust = new PemTrustOptions() .addCertPath("target/vault/config/ssl/cert.pem"); config.put("pemTrustStoreOptions", trust.toJson()); JksOptions jks = new JksOptions() .setPath("target/vault/config/ssl/truststore.jks"); config.put("trustStoreOptions", jks.toJson()); config.put("auth-backend", "cert"); return config; }
/** * Create an options instance for the ProtonClient * * @return ProtonClient options instance */ private ProtonClientOptions createClientOptions() { ProtonClientOptions options = new ProtonClientOptions(); options.setConnectTimeout(5000); options.setReconnectAttempts(-1).setReconnectInterval(1000); // reconnect forever, every 1000 millisecs if (certDir != null) { options.setSsl(true) .addEnabledSaslMechanism("EXTERNAL") .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())) .setPemKeyCertOptions(new PemKeyCertOptions() .addCertPath(new File(certDir, "tls.crt").getAbsolutePath()) .addKeyPath(new File(certDir, "tls.key").getAbsolutePath())); } return options; }
/** * Create an options instance for the ProtonClient * * @return ProtonClient options instance */ private ProtonClientOptions createClientOptions() { ProtonClientOptions options = new ProtonClientOptions(); options.setConnectTimeout(1000); options.setReconnectAttempts(-1).setReconnectInterval(1000); // reconnect forever, every 1000 millisecs if (this.bridgeConfigProperties.getEndpointConfigProperties().getCertDir() != null && this.bridgeConfigProperties.getEndpointConfigProperties().getCertDir().length() > 0) { String certDir = this.bridgeConfigProperties.getEndpointConfigProperties().getCertDir(); log.info("Enabling SSL configuration for AMQP with TLS certificates from {}", certDir); options.setSsl(true) .addEnabledSaslMechanism("EXTERNAL") .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())) .setPemKeyCertOptions(new PemKeyCertOptions() .addCertPath(new File(certDir, "tls.crt").getAbsolutePath()) .addKeyPath(new File(certDir, "tls.key").getAbsolutePath())); } return options; }
@Override public void connect(String username, String password, Handler<AsyncResult<Client>> connectHandler) { MqttClientOptions options = new MqttClientOptions() .setUsername(username) .setPassword(password); if (this.serverCert != null && !this.serverCert.isEmpty()) { options.setSsl(true) .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions().addCertPath(this.serverCert)); } this.client = io.vertx.mqtt.MqttClient.create(vertx, options); this.client.connect(this.port, this.hostname, done -> { if (done.succeeded()) { log.info("Connected to {}:{}", this.hostname, this.port); this.client.publishHandler(m -> { MessageDelivery messageDelivery = new MessageDelivery(m.topicName(), m.payload().getBytes()); this.receivedHandler.handle(messageDelivery); }); this.client.subscribeCompletionHandler(suback -> { log.info("Subscription [{}], granted QoS levels {}", suback.messageId(), suback.grantedQoSLevels()); }); connectHandler.handle(Future.succeededFuture(this)); } else { log.error("Error connecting to the service", done.cause()); connectHandler.handle(Future.failedFuture(done.cause())); } }); }
/** * Gets the trust options derived from the trust store properties. * * @return The trust options or {@code null} if trust store path is not set or not supported. */ public final TrustOptions getTrustOptions() { if (trustStorePath == null) { return null; } final FileFormat format = FileFormat.orDetect(trustStoreFormat, trustStorePath); if (format == null) { LOG.debug("unsupported trust store format"); return null; } switch (format) { case PEM: LOG.debug("using certificates from file [{}] as trust anchor", trustStorePath); return new PemTrustOptions().addCertPath(trustStorePath); case PKCS12: LOG.debug("using certificates from PKCS12 key store [{}] as trust anchor", trustStorePath); return new PfxOptions() .setPath(getTrustStorePath()) .setPassword(getTrustStorePassword()); case JKS: LOG.debug("using certificates from JKS key store [{}] as trust anchor", trustStorePath); return new JksOptions() .setPath(getTrustStorePath()) .setPassword(getTrustStorePassword()); default: LOG.debug("unsupported trust store format: {}", format); return null; } }
public void exampleWithCerts(Vertx vertx) { JsonObject vault_config = new JsonObject(); // ... PemKeyCertOptions certs = new PemKeyCertOptions() .addCertPath("target/vault/config/ssl/client-cert.pem") .addKeyPath("target/vault/config/ssl/client-privatekey.pem"); vault_config.put("pemKeyCertOptions", certs.toJson()); PemTrustOptions trust = new PemTrustOptions() .addCertPath("target/vault/config/ssl/cert.pem"); vault_config.put("pemTrustStoreOptions", trust.toJson()); JksOptions jks = new JksOptions() .setPath("target/vault/config/ssl/truststore.jks"); vault_config.put("trustStoreOptions", jks.toJson()); vault_config.put("auth-backend", "cert"); // Path to the secret to read. vault_config.put("path", "secret/my-secret"); ConfigStoreOptions store = new ConfigStoreOptions() .setType("vault") .setConfig(vault_config); ConfigRetriever retriever = ConfigRetriever.create(vertx, new ConfigRetrieverOptions().addStore(store)); }
private static ProtonClientOptions createClientOptions(String certDir) { ProtonClientOptions options = new ProtonClientOptions(); if (certDir != null) { options.setSsl(true) .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())) .setPemKeyCertOptions(new PemKeyCertOptions() .setCertPath(new File(certDir, "tls.crt").getAbsolutePath()) .setKeyPath(new File(certDir, "tls.key").getAbsolutePath())); } return options; }
private ProtonClientOptions getOptions() { ProtonClientOptions options = new ProtonClientOptions(); if (certDir != null) { options.setHostnameVerificationAlgorithm("") .setSsl(true) .addEnabledSaslMechanism("EXTERNAL") .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())) .setPemKeyCertOptions(new PemKeyCertOptions() .setCertPath(new File(certDir, "tls.crt").getAbsolutePath()) .setKeyPath(new File(certDir, "tls.key").getAbsolutePath())); } return options; }
private static ProtonServerOptions createOptionsForTls(final String certDir) { ProtonServerOptions options = new ProtonServerOptions(); PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions(); pemKeyCertOptions.setCertPath(certDir + File.separator + "tls.crt"); pemKeyCertOptions.setKeyPath(certDir + File.separator + "tls.key"); options.setPemKeyCertOptions(pemKeyCertOptions); options.setClientAuth(ClientAuth.REQUIRED); options.setSsl(true); PemTrustOptions pemTrustOptions = new PemTrustOptions(); pemTrustOptions.addCertPath(certDir + File.separator + "ca.crt"); options.setPemTrustOptions(pemTrustOptions); return options; }
private void go(TestContext tc, boolean trustAll, PemTrustOptions trustOptions) { ConsulClient secureClient = ctx.createSecureClient(trustAll, trustOptions); secureClient.putValue("foo/bars42", "value42", tc.asyncAssertSuccess(b -> { tc.assertTrue(b); secureClient.getValue("foo/bars42", tc.asyncAssertSuccess(pair -> { tc.assertEquals(pair.getValue(), "value42"); ctx.closeClient(secureClient); })); })); }
@Test public void testNoHttp2Push() throws Exception { stat.setWebRoot("webroot/somedir3"); router.route().handler(stat); HttpServer http2Server = vertx.createHttpServer(new HttpServerOptions() .setUseAlpn(true) .setSsl(true) .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("tls/server-key.pem").setCertPath("tls/server-cert.pem"))); http2Server.requestHandler(router::accept).listen(8443); HttpClientOptions options = new HttpClientOptions() .setSsl(true) .setUseAlpn(true) .setProtocolVersion(HttpVersion.HTTP_2) .setPemTrustOptions(new PemTrustOptions().addCertPath("tls/server-cert.pem")); HttpClient client = vertx.createHttpClient(options); HttpClientRequest request = client.get(8443, "localhost", "/testLinkPreload.html", resp -> { assertEquals(200, resp.statusCode()); assertEquals(HttpVersion.HTTP_2, resp.version()); resp.bodyHandler(this::assertNotNull); testComplete(); }); request.pushHandler(pushedReq -> pushedReq.handler(pushedResp -> { fail(); })); request.end(); await(); }
@Test public void testHttp2Push() throws Exception { List<Http2PushMapping> mappings = new ArrayList<>(); mappings.add(new Http2PushMapping("style.css", "style", false)); mappings.add(new Http2PushMapping("coin.png", "image", false)); stat.setHttp2PushMapping(mappings) .setWebRoot("webroot/somedir3"); router.route().handler(stat); HttpServer http2Server = vertx.createHttpServer(new HttpServerOptions() .setUseAlpn(true) .setSsl(true) .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("tls/server-key.pem").setCertPath("tls/server-cert.pem"))); http2Server.requestHandler(router::accept).listen(8443); HttpClientOptions options = new HttpClientOptions() .setSsl(true) .setUseAlpn(true) .setProtocolVersion(HttpVersion.HTTP_2) .setPemTrustOptions(new PemTrustOptions().addCertPath("tls/server-cert.pem")); HttpClient client = vertx.createHttpClient(options); HttpClientRequest request = client.get(8443, "localhost", "/testLinkPreload.html", resp -> { assertEquals(200, resp.statusCode()); assertEquals(HttpVersion.HTTP_2, resp.version()); resp.bodyHandler(this::assertNotNull); }); CountDownLatch latch = new CountDownLatch(2); request.pushHandler(pushedReq -> pushedReq.handler(pushedResp -> { assertNotNull(pushedResp); pushedResp.bodyHandler(this::assertNotNull); latch.countDown(); })); request.end(); latch.await(); }
@Override public PgConnectOptions setPemTrustOptions(PemTrustOptions options) { return (PgConnectOptions)super.setPemTrustOptions(options); }
@Override public void connect(String username, String password, Handler<AsyncResult<Client>> connectHandler) { this.client = ProtonClient.create(vertx); ProtonClientOptions options = new ProtonClientOptions(); if (this.serverCert != null && !this.serverCert.isEmpty()) { options .setSsl(true) .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions().addCertPath(this.serverCert)); } this.client.connect(options, this.hostname, this.port, username, password, done -> { if (done.succeeded()) { log.info("Connected to {}:{}", this.hostname, this.port); this.connection = done.result(); this.connection.open(); if (this.senders != null) { this.senders.clear(); } else { this.senders = new HashMap<>(); } if (this.receivers != null) { this.receivers.clear(); } else { this.receivers = new HashMap<>(); } connectHandler.handle(Future.succeededFuture(this)); } else { log.error("Error connecting to the service", done.cause()); connectHandler.handle(Future.failedFuture(done.cause())); } }); }
@Override public MqttServerOptions setPemTrustOptions(PemTrustOptions options) { super.setPemTrustOptions(options); return this; }
@Override public MqttClientOptions setPemTrustOptions(PemTrustOptions options) { super.setPemTrustOptions(options); return this; }
@Override public void start() { ProtonServerOptions options = new ProtonServerOptions(); if (certDir != null) { options.setSsl(true) .setClientAuth(ClientAuth.REQUIRED) .setPemKeyCertOptions(new PemKeyCertOptions() .setKeyPath(new File(certDir, "tls.key").getAbsolutePath()) .setCertPath(new File(certDir, "tls.crt").getAbsolutePath())) .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())); } server = ProtonServer.create(vertx, options); server.saslAuthenticatorFactory(saslAuthenticatorFactory); server.connectHandler(connection -> { connection.setContainer("queue-scheduler"); connection.openHandler(result -> { connection.open(); connectionOpened(connection); }).closeHandler(conn -> { log.info("Broker connection " + connection.getRemoteContainer() + " closed"); executeBlocking(() -> schedulerState.brokerRemoved(getGroupId(connection), connection.getRemoteContainer()), "Error removing broker"); connection.close(); connection.disconnect(); }).disconnectHandler(protonConnection -> { log.info("Broker connection " + connection.getRemoteContainer() + " disconnected"); executeBlocking(() -> schedulerState.brokerRemoved(getGroupId(connection), connection.getRemoteContainer()), "Error removing broker"); connection.disconnect(); }); }); server.listen(port, event -> { if (event.succeeded()) { log.info("QueueScheduler is up and running"); } else { log.error("Error starting queue scheduler", event.cause()); } }); }
private ProtonServer startServer(Future<Void> startPromise, String certDir, boolean isRouteContainer) { ProtonServerOptions serverOptions = new ProtonServerOptions(); if (certDir != null) { serverOptions .setPemKeyCertOptions(new PemKeyCertOptions() .addKeyPath(certDir + "/tls.key") .addCertPath(certDir + "/tls.crt")) .setPemTrustOptions(new PemTrustOptions() .addCertPath(certDir + "/ca.crt")) .setSsl(true); } ProtonServer server = ProtonServer.create(vertx, serverOptions); if (certDir != null) { server.saslAuthenticatorFactory(ExternalSaslAuthenticator::new); } server.connectHandler(connection -> { connection.sessionOpenHandler(ProtonSession::open); connection.receiverOpenHandler(this::receiverOpen); connection.senderOpenHandler(this::senderOpen); connection.openHandler(ar -> connectionOpen(ar, isRouteContainer)); connection.disconnectHandler(conn -> { log.info("Connection disconnected!"); connection.disconnect(); }); connection.closeHandler(handle -> { log.info("Connection closing!"); connection.close(); connection.disconnect(); }); connection.setContainer("dispatch-router-j"); }).listen(0, "localhost", result -> { if (result.succeeded()) { log.info("Started server on port {}", server.actualPort()); startPromise.complete(); } else { startPromise.fail(result.cause()); } }); return server; }
@Test public void withTrustOptions(TestContext tc) throws Exception { PemTrustOptions options = new PemTrustOptions() .addCertValue(Buffer.buffer(Utils.readResource("client-cert.pem"))); go(tc, false, options); }
public ConsulClient createSecureClient(boolean trustAll, PemTrustOptions trustOptions) { ConsulClientOptions options = config(ConsulCluster.writeToken(), true) .setTrustAll(trustAll) .setPemTrustOptions(trustOptions); return creator.apply(options); }
@Override protected void doStart() throws Exception { // TODO: Prepare HttpClientOptions according to the endpoint to improve performance when creating a new // instance of the Vertx client httpClientOptions = new HttpClientOptions(); httpClientOptions.setPipelining(endpoint.getHttpClientOptions().isPipelining()); httpClientOptions.setKeepAlive(endpoint.getHttpClientOptions().isKeepAlive()); httpClientOptions.setIdleTimeout((int) (endpoint.getHttpClientOptions().getIdleTimeout() / 1000)); httpClientOptions.setConnectTimeout((int) endpoint.getHttpClientOptions().getConnectTimeout()); httpClientOptions.setUsePooledBuffers(true); httpClientOptions.setMaxPoolSize(endpoint.getHttpClientOptions().getMaxConcurrentConnections()); httpClientOptions.setTryUseCompression(endpoint.getHttpClientOptions().isUseCompression()); // Configure proxy HttpProxy proxy = endpoint.getHttpProxy(); if (proxy != null && proxy.isEnabled()) { ProxyOptions proxyOptions = new ProxyOptions(); proxyOptions.setHost(proxy.getHost()); proxyOptions.setPort(proxy.getPort()); proxyOptions.setUsername(proxy.getUsername()); proxyOptions.setPassword(proxy.getPassword()); proxyOptions.setType(ProxyType.valueOf(proxy.getType().name())); httpClientOptions.setProxyOptions(proxyOptions); } URI target = URI.create(endpoint.getTarget()); // Configure SSL HttpClientSslOptions sslOptions = endpoint.getHttpClientSslOptions(); if (sslOptions != null && sslOptions.isEnabled()) { httpClientOptions .setSsl(sslOptions.isEnabled()) .setVerifyHost(sslOptions.isHostnameVerifier()) .setTrustAll(sslOptions.isTrustAll()); if (sslOptions.getPem() != null && ! sslOptions.getPem().isEmpty()) { httpClientOptions.setPemTrustOptions( new PemTrustOptions().addCertValue( io.vertx.core.buffer.Buffer.buffer(sslOptions.getPem()))); } } else if(HTTPS_SCHEME.equalsIgnoreCase(target.getScheme())) { // SSL is not configured but the endpoint scheme is HTTPS so let's enable the SSL on Vert.x HTTP client // automatically httpClientOptions.setSsl(true).setTrustAll(true); } printHttpClientConfiguration(httpClientOptions); }
@Override public RestClientOptions setPemTrustOptions(PemTrustOptions options) { super.setPemTrustOptions(options); return this; }
@Override public TelnetTermOptions setPemTrustOptions(PemTrustOptions options) { return (TelnetTermOptions) super.setPemTrustOptions(options); }
@Override public HttpTermOptions setPemTrustOptions(PemTrustOptions options) { return (HttpTermOptions) super.setPemTrustOptions(options); }
@Override public AmqpBridgeOptions setPemTrustOptions(PemTrustOptions options) { super.setPemTrustOptions(options); return this; }
@Override public ProtonServerOptions setPemTrustOptions(PemTrustOptions options) { super.setPemTrustOptions(options); return this; }
@Override public ProtonClientOptions setPemTrustOptions(PemTrustOptions options) { super.setPemTrustOptions(options); return this; }
@Override public WebClientOptions setPemTrustOptions(PemTrustOptions options) { return (WebClientOptions) super.setPemTrustOptions(options); }
@Override public void start() throws Exception { address = MQTTSession.ADDRESS; JsonObject conf = config(); localBridgePort = conf.getInteger("local_bridge_port", 7007); idleTimeout = conf.getInteger("socket_idle_timeout", 120); ssl_cert_key = conf.getString("ssl_cert_key"); ssl_cert = conf.getString("ssl_cert"); ssl_trust = conf.getString("ssl_trust"); // [TCP -> BUS] listen TCP publish to BUS NetServerOptions opt = new NetServerOptions() .setTcpKeepAlive(true) .setIdleTimeout(idleTimeout) .setPort(localBridgePort) ; if(ssl_cert_key != null && ssl_cert != null && ssl_trust != null) { opt.setSsl(true).setClientAuth(ClientAuth.REQUIRED) .setPemKeyCertOptions(new PemKeyCertOptions() .setKeyPath(ssl_cert_key) .setCertPath(ssl_cert) ) .setPemTrustOptions(new PemTrustOptions() .addCertPath(ssl_trust) ) ; } netServer = vertx.createNetServer(opt); netServer.connectHandler(sock -> { final EventBusNetBridge ebnb = new EventBusNetBridge(sock, vertx.eventBus(), address); sock.closeHandler(aVoid -> { logger.info("Bridge Server - closed connection from client ip: " + sock.remoteAddress()); ebnb.stop(); }); sock.exceptionHandler(throwable -> { logger.error("Bridge Server - Exception: " + throwable.getMessage(), throwable); ebnb.stop(); }); logger.info("Bridge Server - new connection from client ip: " + sock.remoteAddress()); RecordParser parser = ebnb.initialHandhakeProtocolParser(); sock.handler(parser::handle); }).listen(); }
@Override public void start() throws Exception { address = MQTTSession.ADDRESS; JsonObject conf = config(); localBridgePort = conf.getInteger("local_bridge_port", 7007); idleTimeout = conf.getInteger("socket_idle_timeout", 120); ssl_cert_key = conf.getString("ssl_cert_key"); ssl_cert = conf.getString("ssl_cert"); ssl_trust = conf.getString("ssl_trust"); // [WebSocket -> BUS] listen WebSocket publish to BUS HttpServerOptions opt = new HttpServerOptions() .setTcpKeepAlive(true) .setIdleTimeout(idleTimeout) .setPort(localBridgePort) ; if(ssl_cert_key != null && ssl_cert != null && ssl_trust != null) { opt.setSsl(true).setClientAuth(ClientAuth.REQUIRED) .setPemKeyCertOptions(new PemKeyCertOptions() .setKeyPath(ssl_cert_key) .setCertPath(ssl_cert) ) .setPemTrustOptions(new PemTrustOptions() .addCertPath(ssl_trust) ) ; } netServer = vertx.createHttpServer(opt); netServer.websocketHandler(sock -> { final EventBusWebsocketBridge ebnb = new EventBusWebsocketBridge(sock, vertx.eventBus(), address); sock.closeHandler(aVoid -> { logger.info("Bridge Server - closed connection from client ip: " + sock.remoteAddress()); ebnb.stop(); }); sock.exceptionHandler(throwable -> { logger.error("Bridge Server - Exception: " + throwable.getMessage(), throwable); ebnb.stop(); }); logger.info("Bridge Server - new connection from client ip: " + sock.remoteAddress()); RecordParser parser = ebnb.initialHandhakeProtocolParser(); sock.handler(parser::handle); }).listen(); }