• Home
• io.druid
• tranquility-core_2.11
• 0.8.3
• source code
• SSLContextMaker.scala

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.metamx.tranquility.security.SSLContextMaker.scala Maven / Gradle / Ivy

package com.metamx.tranquility.security

import java.io.FileInputStream
import java.io.IOException
import java.security.{NoSuchAlgorithmException, KeyStoreException, KeyManagementException, KeyStore}
import java.security.cert.CertificateException
import javax.net.ssl.{TrustManagerFactory, SSLContext}

import com.metamx.common.scala.Logging

object SSLContextMaker extends Logging
{
  def createSSLContextOption(
    tlsEnable: Option[Boolean] = None,
    tlsProtocol: Option[String] = None,
    tlsTrustStoreType: Option[String] = None,
    tlsTrustStorePath: Option[String] = None,
    tlsTrustStoreAlgorithm: Option[String] = None,
    tlsTrustStorePassword: Option[String] = None
  ): Option[SSLContext] =
  {
    if (!tlsEnable.isDefined || !tlsEnable.get) {
      log.info("TLS is not enabled, skipping SSLContext creation.")
      None
    } else {
      log.info("TLS is enabled, creating SSLContext.")

      var sslContext: SSLContext = null
      try {
        sslContext = SSLContext.getInstance(tlsProtocol.getOrElse("TLSv1.2"))
        var keyStore = KeyStore.getInstance(tlsTrustStoreType.getOrElse(KeyStore.getDefaultType()))
        keyStore.load(
          new FileInputStream(tlsTrustStorePath.getOrElse("")),
          tlsTrustStorePassword.getOrElse("").toCharArray
        )
        var trustManagerFactory = TrustManagerFactory.getInstance(
          tlsTrustStoreAlgorithm.getOrElse(TrustManagerFactory.getDefaultAlgorithm())
        )
        trustManagerFactory.init(keyStore)
        sslContext.init(null, trustManagerFactory.getTrustManagers, null)
      }
      catch {
        case ex@(_: CertificateException |
                 _: KeyManagementException |
                 _: IOException |
                 _: KeyStoreException |
                 _: NoSuchAlgorithmException) =>
          throw new RuntimeException(ex)
      }

      Some(sslContext)
    }
  }
}