-
Notifications
You must be signed in to change notification settings - Fork 912
/
SSLAutoReloadTest.java
85 lines (72 loc) · 3.7 KB
/
SSLAutoReloadTest.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.artemis.tests.integration.ssl;
import java.io.File;
import java.util.HashMap;
import java.util.Map;
import org.apache.activemq.artemis.api.core.TransportConfiguration;
import org.apache.activemq.artemis.api.core.client.ActiveMQClient;
import org.apache.activemq.artemis.api.core.client.ServerLocator;
import org.apache.activemq.artemis.core.config.impl.ConfigurationImpl;
import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
import org.apache.activemq.artemis.utils.Wait;
import org.junit.Test;
/**
* See the tests/security-resources/build.sh script for details on the security resources used.
*/
public class SSLAutoReloadTest extends ActiveMQTestBase {
private final String PASSWORD = "securepass";
@Test
public void testOneWaySSLWithAutoReload() throws Exception {
File parentDir = new File(temporaryFolder.getRoot(), "sub");
parentDir.mkdirs();
// reference keystore from temp location that we can update
final File keyStoreToReload = new File(parentDir, "server-ks.p12");
copyRecursive(new File(this.getClass().getClassLoader().getResource("unknown-server-keystore.p12").getFile()), keyStoreToReload);
Map<String, Object> params = new HashMap<>();
params.put(TransportConstants.SSL_AUTO_RELOAD_PROP_NAME, true);
params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, keyStoreToReload.getAbsolutePath());
params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, PASSWORD);
params.put(TransportConstants.HOST_PROP_NAME, "localhost");
ConfigurationImpl config = createBasicConfig().addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params, "nettySSL"));
ActiveMQServer server = createServer(false, config);
server.getConfiguration().setConfigurationFileRefreshPeriod(50);
server.start();
waitForServerToStart(server);
String url = "tcp://127.0.0.1:61616?sslEnabled=true;trustStorePath=server-ca-truststore.p12;trustStorePassword=" + PASSWORD;
ServerLocator locator = addServerLocator(ActiveMQClient.createServerLocator(url)).setCallTimeout(3000);
try {
createSessionFactory(locator);
fail("Creating session here should fail due to SSL handshake problems.");
} catch (Exception ignored) {
}
// update the server side keystore
copyRecursive(new File(this.getClass().getClassLoader().getResource("server-keystore.p12").getFile()), keyStoreToReload);
// expect success after auto reload, which we wait for
Wait.waitFor(() -> {
try {
addSessionFactory(createSessionFactory(locator));
return true;
} catch (Throwable ignored) {
}
return false;
}, 5000, 100);
}
}