2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.fe.utils;
23 import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
24 import org.apache.http.ssl.SSLContexts;
26 import javax.net.ssl.SSLContext;
28 import java.io.FileInputStream;
29 import java.io.IOException;
30 import java.security.GeneralSecurityException;
31 import java.security.KeyStore;
32 import java.util.Properties;
34 public class JettySSLUtils {
35 private JettySSLUtils() {
38 public static JettySslConfig getSSLConfig() throws IOException {
39 Properties sslProperties = new Properties();
41 String sslPropsPath = System.getenv("JETTY_BASE") + File.separator + "/start.d/ssl.ini";
42 File sslPropsFile = new File(sslPropsPath);
43 try (FileInputStream fis = new FileInputStream(sslPropsFile)) {
44 sslProperties.load(fis);
47 return new JettySslConfig(sslProperties);
51 public static SSLContext getSslContext() throws GeneralSecurityException, IOException {
52 JettySSLUtils.JettySslConfig sslProperties = JettySSLUtils.getSSLConfig();
54 KeyStore trustStore = KeyStore.getInstance(sslProperties.getTruststoreType());
55 try (FileInputStream instream = new FileInputStream(new File(sslProperties.getTruststorePath()));
57 trustStore.load(instream, (sslProperties.getTruststorePass()).toCharArray());
60 KeyStore keystore = KeyStore.getInstance(sslProperties.getKeystoreType());
61 try (FileInputStream instream = new FileInputStream(new File(sslProperties.getKeystorePath()));
63 keystore.load(instream, sslProperties.getKeystorePass().toCharArray());
66 // Trust own CA and all self-signed certs
67 return SSLContexts.custom()
68 .loadKeyMaterial(keystore, sslProperties.getKeystorePass().toCharArray())
69 .loadTrustMaterial(trustStore, new TrustSelfSignedStrategy())
74 public static class JettySslConfig {
75 Properties sslProperties;
76 static final String JETTY_BASE = System.getenv("JETTY_BASE");
78 JettySslConfig(Properties sslProperties) {
79 this.sslProperties = sslProperties;
82 public String getJettyBase() {
83 return JettySslConfig.JETTY_BASE;
86 public String getKeystorePath() {
87 return sslProperties.getProperty("jetty.sslContext.keyStorePath");
90 public String getKeystorePass() {
91 return sslProperties.getProperty("jetty.sslContext.keyStorePassword");
94 public String getKeystoreType() {
95 return sslProperties.getProperty("jetty.sslContext.keyStoreType");
98 public String getTruststorePath() {
99 return sslProperties.getProperty("jetty.sslContext.trustStorePath");
102 public String getTruststorePass() {
103 return sslProperties.getProperty("jetty.sslContext.trustStorePassword");
106 public String getTruststoreType() {
107 return sslProperties.getProperty("jetty.sslContext.trustStoreType");
110 public String getKeyStoreManager() {
111 return sslProperties.getProperty("jetty.sslContext.keyManagerPassword");
114 public Boolean getNeedClientAuth() {
115 if (sslProperties.containsKey("jetty.sslContext.needClientAuth")) {
116 return Boolean.valueOf(sslProperties.getProperty("jetty.sslContext.needClientAuth"));
118 return Boolean.FALSE;
122 public String getProperty(String key) {
123 return sslProperties.getProperty(key);