blob: 006a282e1e05205e2fd9740ba83a97a954bf5564 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.jdisc.http.ssl.impl;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.security.CertificateUtils;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import java.security.KeyStore;
import java.util.Objects;
/**
* A modified {@link SslContextFactory} that allows passwordless truststore in combination with password protected keystore.
*
* @author bjorncs
*/
class JDiscSslContextFactory extends SslContextFactory.Server {
private String trustStorePassword;
@Override
public void setTrustStorePassword(String password) {
super.setTrustStorePassword(password);
this.trustStorePassword = password;
}
// Overriden to stop Jetty from using the keystore password if no truststore password is specified.
@Override
protected KeyStore loadTrustStore(Resource resource) throws Exception {
return CertificateUtils.getKeyStore(
resource != null ? resource : getKeyStoreResource(),
Objects.toString(getTrustStoreType(), getKeyStoreType()),
Objects.toString(getTrustStoreProvider(), getKeyStoreProvider()),
trustStorePassword);
}
}
|