Issue #215 Conscrypt SSL provider

Added module to install Conscrupt SSL provider
This commit is contained in:
Greg Wilkins 2017-08-02 11:52:31 +10:00
parent 29d4fcf80e
commit 7298bed572
4 changed files with 38 additions and 0 deletions

View File

@ -0,0 +1,27 @@
[description]
Installs the Conscrypt JSSE provider
[tags]
3rdparty
[depend]
ssl
[files]
maven://org.conscrypt/conscrypt-openjdk-uber/${conscrypt.version}|lib/conscrypt/conscrypt-uber-${conscrypt.version}.jar
basehome:modules/conscrypt/conscrypt.xml|etc/conscrypt.xml
[lib]
lib/conscrypt/**.jar
[xml]
etc/conscrypt.xml
[license]
Conscrypt is distributed under the Apache Licence 2.0
https://github.com/google/conscrypt/blob/master/LICENSE
[ini]
conscrypt.version?=1.0.0.RC8
jetty.sslContext.provider?=AndroidOpenSSL

View File

@ -0,0 +1,7 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<Configure id="Conscrypt" class="org.conscrypt.OpenSSLProvider">
<Call class="java.security.Security" name="addProvider">
<Arg><Ref refid="Conscrypt"/></Arg>
</Call>
</Configure>

View File

@ -11,6 +11,7 @@
-->
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="Provider"><Property name="jetty.sslContext.provider"/></Set>
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" deprecated="jetty.keystore" default="etc/keystore"/></Set>
<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" deprecated="jetty.keystore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
<Set name="KeyStoreType"><Property name="jetty.sslContext.keyStoreType" default="JKS"/></Set>

View File

@ -63,6 +63,9 @@ basehome:modules/ssl/keystore|etc/keystore
## Note that OBF passwords are not secure, just protected from casual observation
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## SSL JSSE Provider
# jetty.sslContext.provider=
## Keystore file path (relative to $jetty.base)
# jetty.sslContext.keyStorePath=etc/keystore