+ Server server = new Server();
+
+ // HTTP configuration
+ HttpConfiguration httpConfiguration = new HttpConfiguration();
+ httpConfiguration.setRequestHeaderSize(2048);
+
+ // HTTP connector
+ try (ServerConnector httpServerConnector = new ServerConnector(server,
+ new HttpConnectionFactory(httpConfiguration))) {
+ httpServerConnector.setPort(nodeConfigManager.getHttpPort());
+ httpServerConnector.setIdleTimeout(2000);
+
+ // HTTPS configuration
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStoreType(nodeConfigManager.getKSType());
+ sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile());
+ sslContextFactory.setKeyStorePassword(nodeConfigManager.getKSPass());
+ sslContextFactory.setKeyManagerPassword(nodeConfigManager.getKPass());
+
+ //SP-6: Fixes for SDV scan to exclude/remove DES/3DES
+ // ciphers are taken care by upgrading jdk in descriptor.xml
+ sslContextFactory.setExcludeCipherSuites(
+ "SSL_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ );
+
+ sslContextFactory.addExcludeProtocols("SSLv3");
+ sslContextFactory.setIncludeProtocols(nodeConfigManager.getEnabledprotocols());
+ nodeMainLogger.debug("NODE00004 Unsupported protocols node server:-"
+ + String.join(",", sslContextFactory.getExcludeProtocols()));
+ nodeMainLogger.debug("NODE00004 Supported protocols node server:-"
+ + String.join(",", sslContextFactory.getIncludeProtocols()));
+ nodeMainLogger.debug("NODE00004 Unsupported ciphers node server:-"
+ + String.join(",", sslContextFactory.getExcludeCipherSuites()));
+
+ HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
+ httpsConfiguration.setRequestHeaderSize(8192);
+
+ SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
+ secureRequestCustomizer.setStsMaxAge(2000);
+ secureRequestCustomizer.setStsIncludeSubDomains(true);
+ httpsConfiguration.addCustomizer(secureRequestCustomizer);
+
+ // HTTPS connector
+ try (ServerConnector httpsServerConnector = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(httpsConfiguration))) {
+
+ httpsServerConnector.setPort(nodeConfigManager.getHttpsPort());
+ httpsServerConnector.setIdleTimeout(3600000);
+ httpsServerConnector.setAcceptQueueSize(2);
+
+ //Context Handler
+ ServletContextHandler servletContextHandler = new ServletContextHandler(0);
+ servletContextHandler.setContextPath("/");
+ servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*");
+
+ //CADI Filter activation check
+ if (nodeConfigManager.getCadiEnabled()) {
+ enableCadi(servletContextHandler);
+ }
+
+ server.setHandler(servletContextHandler);
+ server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
+ }
+ }
+
+ try {
+ server.start();
+ nodeMainLogger.debug("NODE00006 Node Server started-" + server.getState());
+ } catch (Exception e) {
+ nodeMainLogger.error("NODE00006 Jetty failed to start. Reporting will we unavailable: " + e.getMessage(), e);
+ }
+ server.join();
+ nodeMainLogger.debug("NODE00007 Node Server joined - " + server.getState());
+ }