+ // SSL Context
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStoreType(AafPropsUtils.KEYSTORE_TYPE_PROPERTY);
+ sslContextFactory.setKeyStorePath(aafPropsUtils.getKeystorePathProperty());
+ sslContextFactory.setKeyStorePassword(aafPropsUtils.getKeystorePassProperty());
+ sslContextFactory.setKeyManagerPassword(aafPropsUtils.getKeystorePassProperty());
+
+ String truststorePathProperty = aafPropsUtils.getTruststorePathProperty();
+ if (truststorePathProperty != null && truststorePathProperty.length() > 0) {
+ intlogger.info("@@ TS -> " + truststorePathProperty);
+ sslContextFactory.setTrustStoreType(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY);
+ sslContextFactory.setTrustStorePath(truststorePathProperty);
+ sslContextFactory.setTrustStorePassword(aafPropsUtils.getTruststorePassProperty());
+ } else {
+ sslContextFactory.setTrustStorePath(AafPropsUtils.DEFAULT_TRUSTSTORE);
+ sslContextFactory.setTrustStorePassword("changeit");
+ }
+
+ sslContextFactory.setWantClientAuth(true);
+ sslContextFactory.setExcludeCipherSuites(
+ "SSL_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ );
+ sslContextFactory.addExcludeProtocols("SSLv3");
+ sslContextFactory.setIncludeProtocols(provProperties.getProperty(
+ "org.onap.dmaap.datarouter.provserver.https.include.protocols",
+ "TLSv1.1|TLSv1.2").trim().split("\\|"));
+
+ intlogger.info("Not supported protocols prov server:-"
+ + String.join(",", sslContextFactory.getExcludeProtocols()));
+ intlogger.info("Supported protocols prov server:-"
+ + String.join(",", sslContextFactory.getIncludeProtocols()));
+ intlogger.info("Not supported ciphers prov server:-"
+ + String.join(",", sslContextFactory.getExcludeCipherSuites()));
+ intlogger.info("Supported ciphers prov server:-"
+ + String.join(",", sslContextFactory.getIncludeCipherSuites()));
+