private void addTlsTrustOptions(final ProtonClientOptions clientOptions) { if (config.isTlsEnabled()) { clientOptions.setSsl(true); } if (clientOptions.getTrustOptions() == null) { TrustOptions trustOptions = config.getTrustOptions(); if (trustOptions != null) { clientOptions.setSsl(true).setTrustOptions(trustOptions); } } if (clientOptions.isSsl()) { if (config.isHostnameVerificationRequired()) { clientOptions.setHostnameVerificationAlgorithm("HTTPS"); } else { clientOptions.setHostnameVerificationAlgorithm(""); } } }
/** * Copies TLS trust store configuration to a given set of server options. * <p> * The trust store configuration is taken from <em>config</em> and will * be added only if the <em>ssl</em> flag is set on the given server options. * * @param serverOptions The options to add configuration to. */ protected final void addTlsTrustOptions(final NetServerOptions serverOptions) { if (serverOptions.isSsl() && serverOptions.getTrustOptions() == null) { TrustOptions trustOptions = getConfig().getTrustOptions(); if (trustOptions != null) { serverOptions.setTrustOptions(trustOptions).setClientAuth(ClientAuth.REQUEST); LOG.info("enabling TLS for client authentication"); } } }
/** * Gets the trust options derived from the trust store properties. * * @return The trust options or {@code null} if trust store path is not set or not supported. */ public final TrustOptions getTrustOptions() { if (trustStorePath == null) { return null; } final FileFormat format = FileFormat.orDetect(trustStoreFormat, trustStorePath); if (format == null) { LOG.debug("unsupported trust store format"); return null; } switch (format) { case PEM: LOG.debug("using certificates from file [{}] as trust anchor", trustStorePath); return new PemTrustOptions().addCertPath(trustStorePath); case PKCS12: LOG.debug("using certificates from PKCS12 key store [{}] as trust anchor", trustStorePath); return new PfxOptions() .setPath(getTrustStorePath()) .setPassword(getTrustStorePassword()); case JKS: LOG.debug("using certificates from JKS key store [{}] as trust anchor", trustStorePath); return new JksOptions() .setPath(getTrustStorePath()) .setPassword(getTrustStorePassword()); default: LOG.debug("unsupported trust store format: {}", format); return null; } }
@Override public PgConnectOptions setTrustOptions(TrustOptions options) { return (PgConnectOptions)super.setTrustOptions(options); }
public TrustAndKeyProvider(TrustOptions trust, KeyCertOptions keyCert) { this.trust = trust; this.keyCert = keyCert; }
/** * @return trust options for the wrapped provider implementation. */ public TrustOptions trustOptions() { return trust; }
@Override public MqttServerOptions setTrustOptions(TrustOptions options) { super.setTrustOptions(options); return this; }
@Override public MqttClientOptions setTrustOptions(TrustOptions options) { super.setTrustOptions(options); return this; }
@Override public AmqpBridgeOptions setTrustOptions(TrustOptions options) { super.setTrustOptions(options); return this; }
@Override public ProtonServerOptions setTrustOptions(TrustOptions options) { super.setTrustOptions(options); return this; }
@Override public ProtonClientOptions setTrustOptions(TrustOptions options) { super.setTrustOptions(options); return this; }
@Override public WebClientOptions setTrustOptions(TrustOptions options) { return (WebClientOptions) super.setTrustOptions(options); }
