diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
index d6180b5fce0..4ed7fbd9865 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
@@ -27,13 +27,13 @@ import org.apache.hadoop.conf.Configuration;
 @InterfaceAudience.Private @InterfaceStability.Unstable public class HttpConfig {
- private static Policy policy;
+ private Policy policy;
 public enum Policy {
 HTTP_ONLY, HTTPS_ONLY, HTTP_AND_HTTPS;
- public static Policy fromString(String value) {
+ public Policy fromString(String value) {
 if (HTTPS_ONLY.name().equalsIgnoreCase(value)) {
 return HTTPS_ONLY;
 } else if (HTTP_AND_HTTPS.name().equalsIgnoreCase(value)) {
@@ -51,27 +51,30 @@ public class HttpConfig {
 }
 }
- static {
- Configuration conf = new Configuration();
+ public HttpConfig(final Configuration conf) {
 boolean sslEnabled = conf.getBoolean(
- ServerConfigurationKeys.HBASE_SSL_ENABLED_KEY,
- ServerConfigurationKeys.HBASE_SSL_ENABLED_DEFAULT);
+ ServerConfigurationKeys.HBASE_SSL_ENABLED_KEY,
+ ServerConfigurationKeys.HBASE_SSL_ENABLED_DEFAULT);
 policy = sslEnabled ? Policy.HTTPS_ONLY : Policy.HTTP_ONLY;
+ if (sslEnabled) {
+ conf.addResource("ssl-server.xml");
+ conf.addResource("ssl-client.xml");
+ }
 }
- public static void setPolicy(Policy policy) {
- HttpConfig.policy = policy;
+ public void setPolicy(Policy policy) {
+ this.policy = policy;
 }
- public static boolean isSecure() {
+ public boolean isSecure() {
 return policy == Policy.HTTPS_ONLY;
 }
- public static String getSchemePrefix() {
+ public String getSchemePrefix() {
 return (isSecure()) ? "https://" : "http://";
 }
- public static String getScheme(Policy policy) {
+ public String getScheme(Policy policy) {
 return policy == Policy.HTTPS_ONLY ? "https://" : "http://";
 }
 }
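Review bot: Dropping `static` from `Policy.fromString` in the first HttpConfig hunk means a caller now needs an existing `Policy` constant to parse a string (`Policy.HTTP_ONLY.fromString(v)`), which reads as a lookup on that constant rather than a factory. Nothing in the visible lines of the method uses instance state, so it can stay `public static Policy fromString(String value)` independently of the `policy` field becoming per-instance. The method body continues past the end of the hunk, so the remaining branches are not visible here.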
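Review bot: The new `HttpConfig(final Configuration conf)` constructor calls `conf.addResource("ssl-server.xml")` and `conf.addResource("ssl-client.xml")` on the caller's object, so constructing an `HttpConfig` silently merges the keystore and truststore passwords into a `Configuration` that is shared with the rest of the server. InfoServer in this same commit passes that object to `setConf(c)`; if the HTTP server exposes its configuration anywhere (a configuration-dump endpoint or a log line, neither visible in this diff), those passwords would be readable there. Loading the SSL resources into a private copy, `Configuration sslConf = new Configuration(conf); sslConf.addResource("ssl-server.xml");`, and handing that copy to the code that needs the keystore settings keeps them out of the shared object. The constructor would also benefit from a Javadoc line stating that the policy is fixed from `HBASE_SSL_ENABLED_KEY` at construction time and that `conf` is modified when SSL is enabled.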
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
index ffaaeaa279d..e9b76bc752f 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
@@ -54,15 +54,25 @@ public class InfoServer {
 public InfoServer(String name, String bindAddress, int port, boolean findPort, final Configuration c) throws IOException {
+ HttpConfig httpConfig = new HttpConfig(c);
 HttpServer.Builder builder = new org.apache.hadoop.hbase.http.HttpServer.Builder();
- builder
- .setName(name)
- .addEndpoint(URI.create("http://" + bindAddress + ":" + port))
- .setAppDir(HBASE_APP_DIR).setFindPort(findPort).setConf(c);
- String logDir = System.getProperty("hbase.log.dir");
- if (logDir != null) {
- builder.setLogDir(logDir);
+
+ builder.setName(name).addEndpoint(URI.create(httpConfig.getSchemePrefix() +
+ bindAddress + ":" +
+ port)).setAppDir(HBASE_APP_DIR).setFindPort(findPort).setConf(c);
+ String logDir = System.getProperty("hbase.log.dir");
+ if (logDir != null) {
+ builder.setLogDir(logDir);
+ }
+ if (httpConfig.isSecure()) {
+ builder.keyPassword(c.get("ssl.server.keystore.keypassword"))
+ .keyStore(c.get("ssl.server.keystore.location"),
+ c.get("ssl.server.keystore.password"),
+ c.get("ssl.server.keystore.type", "jks"))
+ .trustStore(c.get("ssl.server.truststore.location"),
+ c.get("ssl.server.truststore.password"),
+ c.get("ssl.server.truststore.type", "jks"));
 }
 this.httpServer = builder.build();
 }
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
index 856cc9e87a4..84ee9636b1d 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
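Review bot: In the `httpConfig.isSecure()` branch of the InfoServer constructor, the keystore location and passwords come straight from `c.get(...)` with no null check, so a node that has `hbase.ssl.enabled` set but no usable `ssl-server.xml` reaches `builder.build()` with null keystore settings and fails with whatever error the builder happens to produce. A guard ahead of the builder calls makes the misconfiguration explicit: `if (c.get("ssl.server.keystore.location") == null) { throw new IOException("SSL is enabled but ssl.server.keystore.location is not set"); }`. The three passwords are also read as plain configuration strings; if the Hadoop version this module builds against provides `Configuration.getPassword`, using it would let operators keep them in a credential provider instead of a cleartext XML file.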
@@ -26,6 +26,7 @@ import static org.junit.Assert.assertTrue;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.fs.FileSystem;
+import org.apache.hadoop.fs.FileUtil;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.hbase.client.Get;
 import org.apache.hadoop.hbase.client.Put;
@@ -35,8 +36,10 @@ import org.apache.hadoop.hbase.testclassification.LargeTests;
 import org.apache.hadoop.hbase.util.Bytes;
 import org.apache.hadoop.hbase.zookeeper.MiniZooKeeperCluster;
 import org.apache.hadoop.hdfs.MiniDFSCluster;
+import org.apache.hadoop.hbase.http.ssl.KeyStoreTestUtil;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
+import java.io.File;
 /** * Test our testing utility class
@@ -136,6 +139,32 @@ public class TestHBaseTestingUtility {
 }
 }
+ @Test
+ public void testMiniClusterWithSSLOn() throws Exception {
+ final String BASEDIR = System.getProperty("test.build.dir",
+ "target/test-dir") + "/" + TestHBaseTestingUtility.class.getSimpleName();
+ String sslConfDir = KeyStoreTestUtil.getClasspathDir(TestHBaseTestingUtility.class);
+ String keystoresDir = new File(BASEDIR).getAbsolutePath();
+
+ HBaseTestingUtility hbt = new HBaseTestingUtility();
+ File base = new File(BASEDIR);
+ FileUtil.fullyDelete(base);
+ base.mkdirs();
+
+ KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, hbt.getConfiguration(), false);
+
+ hbt.getConfiguration().set("hbase.ssl.enabled", "true");
+ hbt.getConfiguration().addResource("ssl-server.xml");
+ hbt.getConfiguration().addResource("ssl-client.xml");
+
+ MiniHBaseCluster cluster = hbt.startMiniCluster();
+ try {
+ assertEquals(1, cluster.getLiveRegionServerThreads().size());
+ } finally {
+ hbt.shutdownMiniCluster();
+ }
+ }
+
 /** * Test that we can start and stop multiple time a cluster * with the same HBaseTestingUtility.
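Review bot: `testMiniClusterWithSSLOn` asserts only that one region server thread is alive, so it would still pass if the info servers came up on plain HTTP or were never started; nothing in the test checks the scheme or connects over `https://`. An assertion such as `assertTrue(new HttpConfig(hbt.getConfiguration()).isSecure());`, plus a request to an info port if the mini cluster starts one, would tie the test to its name. The keystores and the `ssl-server.xml`/`ssl-client.xml` files written by `KeyStoreTestUtil.setupSSLConfig` are also left behind; removing them in the `finally` block (through the utility's cleanup method, if it has one) keeps generated key material and SSL settings from leaking into later tests that share the classpath directory. The two explicit `addResource` calls duplicate what the `HttpConfig` constructor in this commit already does when `hbase.ssl.enabled` is true.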