How to enable WSS

Thomas Volden edited this page Sep 15, 2017 · 11 revisions

WSS Server

In order to create a secure channel, you have to provide the server with a certificate. Once this is done, you should be able to start the server as normal.

The following code is taken from a Java-Websocket example: https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/SSLServerExample.java

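	import java.io.FileInputStream;
	import java.security.KeyStore;
	import javax.net.ssl.KeyManagerFactory;
	import javax.net.ssl.SSLContext;
	import javax.net.ssl.TrustManagerFactory;

	// load up the key store (example values; keep real passwords out of source code)
	String STORETYPE = "JKS";
	String KEYSTORE = "keystore.jks";
	String STOREPASSWORD = "storepassword";
	String KEYPASSWORD = "keypassword";

	KeyStore ks = KeyStore.getInstance( STORETYPE );
	try ( FileInputStream in = new FileInputStream( KEYSTORE ) ) { // close the stream after loading
		ks.load( in, STOREPASSWORD.toCharArray() );
	}

	// key managers supply the certificate and private key
	KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
	kmf.init( ks, KEYPASSWORD.toCharArray() );
	// trust managers decide which peer certificates are accepted
	TrustManagerFactory tmf = TrustManagerFactory.getInstance( "SunX509" );
	tmf.init( ks );

	SSLContext sslContext = SSLContext.getInstance( "TLS" );
	sslContext.init( kmf.getKeyManagers(), tmf.getTrustManagers(), null );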

Once you have the certificate wrapped in an SSLContext, you can enable WSS.

I have modified the default example code to demonstrate: https://github.com/ChargeTimeEU/Java-OCA-OCPP/blob/master/ocpp-v1_6-example/src/main/core_features/JSONServerSample.java#L123-L138

    server = new JSONServer(core);
    server.enableWSS(sslContext); // Provide certificate to enable WSS
    server.open("localhost", 8887, new ServerEvents() {

        @Override
        public void newSession(UUID sessionIndex, SessionInformation information) {

            // sessionIndex is used to send messages.
            System.out.println("New session " + sessionIndex + ": " + information.getIdentifier());
        }

        @Override
        public void lostSession(UUID sessionIndex) {
        }
    });

WSS Client

To enable WSS for the client, you need much the same setup as for the server. The following is taken from this example: https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/SSLClientExample.java#L87-L104

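	import java.io.FileInputStream;
	import java.security.KeyStore;
	import javax.net.ssl.KeyManagerFactory;
	import javax.net.ssl.SSLContext;
	import javax.net.ssl.TrustManagerFactory;

	// load up the key store (example values; keep real passwords out of source code)
	String STORETYPE = "JKS";
	String KEYSTORE = "keystore.jks";
	String STOREPASSWORD = "storepassword";
	String KEYPASSWORD = "keypassword";

	KeyStore ks = KeyStore.getInstance( STORETYPE );
	try ( FileInputStream in = new FileInputStream( KEYSTORE ) ) { // close the stream after loading
		ks.load( in, STOREPASSWORD.toCharArray() );
	}

	// key managers supply the certificate and private key
	KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
	kmf.init( ks, KEYPASSWORD.toCharArray() );
	// trust managers decide which peer certificates are accepted
	TrustManagerFactory tmf = TrustManagerFactory.getInstance( "SunX509" );
	tmf.init( ks );

	SSLContext sslContext = SSLContext.getInstance( "TLS" );
	sslContext.init( kmf.getKeyManagers(), tmf.getTrustManagers(), null );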

Now that you have an sslContext prepared, you can pass it on to the client. I have modified an example to do this: https://github.com/ChargeTimeEU/Java-OCA-OCPP/blob/master/ocpp-v1_6-example/src/main/core_features/JSONClientSample.java#L125-L126

    client = new JSONClient(core, "chargeboxIdentity");
    client.enableWSS(sslContext);
    client.connect("ws://hostname:8887", null);
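
Both snippets above load the same keystore.jks for key and trust material, which puts the server's private key on the client as well. The following is an added example, not code from this wiki or from either linked project: a helper that builds a key-only context for the server and a trust-only context for the client, each with a pre-flight check. The class name `WssContexts`, the environment variable names and the separate truststore file are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class WssContexts { // hypothetical helper, not part of Java-OCA-OCPP
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password); // also verifies the store's integrity with the password
        }
        return ks;
    }
    // Server: key material only; fail early if a served certificate is outside its validity period.
    static SSLContext serverContext(KeyStore ks, char[] keyPassword) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias) && ks.getCertificate(alias) instanceof X509Certificate) {
                ((X509Certificate) ks.getCertificate(alias)).checkValidity();
            }
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPassword);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null); // null = JVM default trust managers and RNG
        return ctx;
    }
    // Client: trusted certificates only; reject a store that also carries a private key.
    static SSLContext clientContext(KeyStore trustStore) throws Exception {
        for (String alias : Collections.list(trustStore.aliases())) {
            if (trustStore.isKeyEntry(alias)) {
                throw new IllegalArgumentException("private key in client truststore: " + alias);
            }
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // no client certificate is presented
        return ctx;
    }
    // Assumed env var names; they must be set before running.
    static char[] pw(String name) { return System.getenv(name).toCharArray(); }

    public static void main(String[] args) throws Exception { // args: keystore.jks truststore.jks
        serverContext(load(args[0], pw("WSS_STORE_PW")), pw("WSS_KEY_PW"));
        clientContext(load(args[1], pw("WSS_TRUST_PW")));
    }
}
```

Either returned context can be passed to `enableWSS(sslContext)` exactly as in the server and client samples above.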