316382: support a more strict SSL option with certificates
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@2801 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
parent
fafe5c905e
commit
603942da1f
|
@ -118,7 +118,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
/** Keystore password */
|
/** Keystore password */
|
||||||
private transient Password _keyStorePassword;
|
private transient Password _keyStorePassword;
|
||||||
/** Key manager password */
|
/** Key manager password */
|
||||||
private transient Password _keymanagerPassword;
|
private transient Password _keyManagerPassword;
|
||||||
/** Truststore password */
|
/** Truststore password */
|
||||||
private transient Password _trustStorePassword;
|
private transient Password _trustStorePassword;
|
||||||
|
|
||||||
|
@ -168,6 +168,8 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
protected void doStart() throws Exception
|
protected void doStart() throws Exception
|
||||||
|
{
|
||||||
|
if (_context == null)
|
||||||
{
|
{
|
||||||
if (_keyStoreInputStream == null && _keyStorePath == null &&
|
if (_keyStoreInputStream == null && _keyStorePath == null &&
|
||||||
_trustStoreInputStream == null && _trustStorePath == null )
|
_trustStoreInputStream == null && _trustStorePath == null )
|
||||||
|
@ -197,6 +199,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
createSSLContext();
|
createSSLContext();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
/**
|
/**
|
||||||
|
@ -548,7 +551,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
{
|
{
|
||||||
checkStarted();
|
checkStarted();
|
||||||
|
|
||||||
_keymanagerPassword = Password.getPassword(KEYPASSWORD_PROPERTY,password,null);
|
_keyManagerPassword = Password.getPassword(KEYPASSWORD_PROPERTY,password,null);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
@ -791,7 +794,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
if (keyStore != null)
|
if (keyStore != null)
|
||||||
{
|
{
|
||||||
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(_keyManagerFactoryAlgorithm);
|
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(_keyManagerFactoryAlgorithm);
|
||||||
keyManagerFactory.init(keyStore,_keymanagerPassword == null?(_keyStorePassword == null?null:_keyStorePassword.toString().toCharArray()):_keymanagerPassword.toString().toCharArray());
|
keyManagerFactory.init(keyStore,_keyManagerPassword == null?(_keyStorePassword == null?null:_keyStorePassword.toString().toCharArray()):_keyManagerPassword.toString().toCharArray());
|
||||||
managers = keyManagerFactory.getKeyManagers();
|
managers = keyManagerFactory.getKeyManagers();
|
||||||
|
|
||||||
if (_certAlias != null)
|
if (_certAlias != null)
|
||||||
|
|
Loading…
Reference in New Issue