X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;ds=sidebyside;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fserver%2FJettyServer.java;h=4b578b4431b441847e8d9ddd107047af5cc28930;hb=57e352bd4a9ccf0e84cb3289e96d35238e73b667;hp=81c08b2c0751897de0fd8bd9730afc990683ec15;hpb=cee37b37655ed5a52078e37c7da51c887e2d73e5;p=dmaap%2Fdbcapi.git diff --git a/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java b/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java index 81c08b2..4b578b4 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java +++ b/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java @@ -53,12 +53,8 @@ public class JettyServer extends BaseLoggingClass { boolean allowHttp = Boolean.valueOf(params.getProperty("HttpAllowed", "false")); serverLogger.info( "port params: http=" + httpPort + " https=" + sslPort ); serverLogger.info( "allowHttp=" + allowHttp ); - String keystore=null; - String keystorePwd = null; - String keyPwd = null; - - // HTTP Server + // HTTP Server HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(sslPort); @@ -76,16 +72,9 @@ public class JettyServer extends BaseLoggingClass { HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); - keystore = params.getProperty("KeyStoreFile", "etc/keystore"); - logger.info("https Server using keystore at " + keystore); - keystorePwd = params.getProperty("KeyStorePassword", "changeit"); - keyPwd = params.getProperty("KeyPassword", "changeit"); - - - sslContextFactory.setKeyStorePath(keystore); - sslContextFactory.setKeyStorePassword(keystorePwd); - sslContextFactory.setKeyManagerPassword(keyPwd); + setUpKeystore(params, sslContextFactory); + setUpTrustStore(params, sslContextFactory); if (sslPort != 0) { try(ServerConnector sslConnector = new ServerConnector(server, @@ -110,7 +99,7 @@ public class JettyServer extends BaseLoggingClass { } } } - + // Set context for servlet. This is shared for http and https ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS); context.setContextPath("/"); @@ -138,11 +127,25 @@ public class JettyServer extends BaseLoggingClass { } } catch ( Exception e ) { errorLogger.error( "Exception " + e ); - errorLogger.error( "possibly unable to use keystore " + keystore + " with passwords " + keystorePwd + " and " + keyPwd ); - //System.exit(1); } finally { server.destroy(); } } + + private void setUpKeystore(Properties params, SslContextFactory sslContextFactory) { + String keystore = params.getProperty("KeyStoreFile", "etc/keystore"); + logger.info("https Server using keystore at " + keystore); + sslContextFactory.setKeyStorePath(keystore); + sslContextFactory.setKeyStorePassword(params.getProperty("KeyStorePassword", "changeit")); + sslContextFactory.setKeyManagerPassword(params.getProperty("KeyPassword", "changeit")); + } + + private void setUpTrustStore(Properties params, SslContextFactory sslContextFactory) { + String truststore = params.getProperty("TrustStoreFile", "etc/org.onap.dmaap-bc.trust.jks"); + logger.info("https Server using truststore at " + truststore); + sslContextFactory.setTrustStorePath(truststore); + sslContextFactory.setTrustStoreType(params.getProperty("TrustStoreType", "jks")); + sslContextFactory.setTrustStorePassword(params.getProperty("TrustStorePassword", "changeit")); + } }