diff --git a/flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java b/flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java index 99614baa0828d..74000c58c949a 100644 --- a/flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java +++ b/flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java @@ -382,6 +382,7 @@ public static SslContext createRestNettySSLContext( } String[] sslProtocols = getEnabledProtocols(config); + List ciphers = Arrays.asList(getEnabledCipherSuites(config)); final SslContextBuilder sslContextBuilder; if (clientMode) { @@ -403,6 +404,7 @@ public static SslContext createRestNettySSLContext( return sslContextBuilder .sslProvider(provider) .protocols(sslProtocols) + .ciphers(ciphers) .clientAuth(clientAuth) .build(); } diff --git a/flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java b/flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java index 2419501646570..2a71e4e965001 100644 --- a/flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java +++ b/flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java @@ -22,15 +22,16 @@ import org.apache.flink.configuration.IllegalConfigurationException; import org.apache.flink.configuration.SecurityOptions; import org.apache.flink.runtime.io.network.netty.SSLHandlerFactory; -import org.apache.flink.util.TestLogger; import org.apache.flink.shaded.netty4.io.netty.buffer.UnpooledByteBufAllocator; +import org.apache.flink.shaded.netty4.io.netty.handler.ssl.ClientAuth; +import org.apache.flink.shaded.netty4.io.netty.handler.ssl.JdkSslContext; import org.apache.flink.shaded.netty4.io.netty.handler.ssl.OpenSsl; import org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.junit.runners.Parameterized; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.MethodSource; import javax.net.ssl.SSLServerSocket; @@ -48,22 +49,18 @@ import java.util.List; import java.util.Locale; -import static org.hamcrest.Matchers.arrayContainingInAnyOrder; -import static org.hamcrest.Matchers.containsString; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertThat; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; +import static org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslProvider.JDK; +import static org.apache.flink.util.Preconditions.checkNotNull; +import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatThrownBy; /** Tests for the {@link SSLUtils}. */ -@RunWith(Parameterized.class) -public class SSLUtilsTest extends TestLogger { +public class SSLUtilsTest { private static final String TRUST_STORE_PATH = - SSLUtilsTest.class.getResource("/local127.truststore").getFile(); + checkNotNull(SSLUtilsTest.class.getResource("/local127.truststore")).getFile(); private static final String KEY_STORE_PATH = - SSLUtilsTest.class.getResource("/local127.keystore").getFile(); + checkNotNull(SSLUtilsTest.class.getResource("/local127.keystore")).getFile(); private static final String TRUST_STORE_PASSWORD = "password"; private static final String KEY_STORE_PASSWORD = "password"; @@ -73,286 +70,249 @@ public class SSLUtilsTest extends TestLogger { static { if (System.getProperty("flink.tests.with-openssl") != null) { - assertTrue( - "openSSL not available but required (property 'flink.tests.with-openssl' is set)", - OpenSsl.isAvailable()); + assertThat(OpenSsl.isAvailable()).isTrue(); AVAILABLE_SSL_PROVIDERS = Arrays.asList("JDK", "OPENSSL"); } else { AVAILABLE_SSL_PROVIDERS = Collections.singletonList("JDK"); } } - @Parameterized.Parameter public String sslProvider; - - @Parameterized.Parameters(name = "SSL provider = {0}") - public static List parameters() { + private static List parameters() { return AVAILABLE_SSL_PROVIDERS; } @Test - public void testSocketFactoriesWhenSslDisabled() throws Exception { + void testSocketFactoriesWhenSslDisabled() { Configuration config = new Configuration(); - try { - SSLUtils.createSSLServerSocketFactory(config); - fail("exception expected"); - } catch (IllegalConfigurationException ignored) { - } + assertThatThrownBy(() -> SSLUtils.createSSLServerSocketFactory(config)) + .isInstanceOf(IllegalConfigurationException.class); - try { - SSLUtils.createSSLClientSocketFactory(config); - fail("exception expected"); - } catch (IllegalConfigurationException ignored) { - } + assertThatThrownBy(() -> SSLUtils.createSSLClientSocketFactory(config)) + .isInstanceOf(IllegalConfigurationException.class); } // ------------------------ REST client -------------------------- /** Tests if REST Client SSL is created given a valid SSL configuration. */ - @Test - public void testRESTClientSSL() throws Exception { - Configuration clientConfig = createRestSslConfigWithTrustStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTClientSSL(String sslProvider) throws Exception { + Configuration clientConfig = createRestSslConfigWithTrustStore(sslProvider); SSLHandlerFactory ssl = SSLUtils.createRestClientSSLEngineFactory(clientConfig); - assertNotNull(ssl); + assertThat(ssl).isNotNull(); } /** Tests that REST Client SSL Client is not created if SSL is not configured. */ - @Test - public void testRESTClientSSLDisabled() throws Exception { - Configuration clientConfig = createRestSslConfigWithTrustStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTClientSSLDisabled(String sslProvider) { + Configuration clientConfig = createRestSslConfigWithTrustStore(sslProvider); clientConfig.setBoolean(SecurityOptions.SSL_REST_ENABLED, false); - try { - SSLUtils.createRestClientSSLEngineFactory(clientConfig); - fail("exception expected"); - } catch (IllegalConfigurationException ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestClientSSLEngineFactory(clientConfig)) + .isInstanceOf(IllegalConfigurationException.class); } /** Tests that REST Client SSL creation fails with bad SSL configuration. */ @Test - public void testRESTClientSSLMissingTrustStore() throws Exception { + void testRESTClientSSLMissingTrustStore() { Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true); config.setString(SecurityOptions.SSL_REST_TRUSTSTORE_PASSWORD, "some password"); - try { - SSLUtils.createRestClientSSLEngineFactory(config); - fail("exception expected"); - } catch (IllegalConfigurationException ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestClientSSLEngineFactory(config)) + .isInstanceOf(IllegalConfigurationException.class); } /** Tests that REST Client SSL creation fails with bad SSL configuration. */ @Test - public void testRESTClientSSLMissingPassword() throws Exception { + void testRESTClientSSLMissingPassword() { Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true); config.setString(SecurityOptions.SSL_REST_TRUSTSTORE, TRUST_STORE_PATH); - try { - SSLUtils.createRestClientSSLEngineFactory(config); - fail("exception expected"); - } catch (IllegalConfigurationException ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestClientSSLEngineFactory(config)) + .isInstanceOf(IllegalConfigurationException.class); } /** Tests that REST Client SSL creation fails with bad SSL configuration. */ - @Test - public void testRESTClientSSLWrongPassword() throws Exception { - Configuration clientConfig = createRestSslConfigWithTrustStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTClientSSLWrongPassword(String sslProvider) { + Configuration clientConfig = createRestSslConfigWithTrustStore(sslProvider); clientConfig.setString(SecurityOptions.SSL_REST_TRUSTSTORE_PASSWORD, "badpassword"); - try { - SSLUtils.createRestClientSSLEngineFactory(clientConfig); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestClientSSLEngineFactory(clientConfig)) + .isInstanceOf(Exception.class); + } + + @ParameterizedTest + @MethodSource("parameters") + public void testRESTSSLConfigCipherAlgorithms(String sslProvider) throws Exception { + String testSSLAlgorithms = "test_algorithm1,test_algorithm2"; + Configuration config = createRestSslConfigWithTrustStore(sslProvider); + config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true); + config.setString(SecurityOptions.SSL_ALGORITHMS.key(), testSSLAlgorithms); + JdkSslContext nettySSLContext = + (JdkSslContext) + SSLUtils.createRestNettySSLContext(config, true, ClientAuth.NONE, JDK); + List cipherSuites = checkNotNull(nettySSLContext).cipherSuites(); + assertThat(cipherSuites).hasSize(2); + assertThat(cipherSuites).containsExactlyInAnyOrder(testSSLAlgorithms.split(",")); } // ------------------------ server -------------------------- /** Tests that REST Server SSL Engine is created given a valid SSL configuration. */ - @Test - public void testRESTServerSSL() throws Exception { - Configuration serverConfig = createRestSslConfigWithKeyStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTServerSSL(String sslProvider) throws Exception { + Configuration serverConfig = createRestSslConfigWithKeyStore(sslProvider); SSLHandlerFactory ssl = SSLUtils.createRestServerSSLEngineFactory(serverConfig); - assertNotNull(ssl); + assertThat(ssl).isNotNull(); } /** Tests that REST Server SSL Engine is not created if SSL is disabled. */ - @Test - public void testRESTServerSSLDisabled() throws Exception { - Configuration serverConfig = createRestSslConfigWithKeyStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTServerSSLDisabled(String sslProvider) { + Configuration serverConfig = createRestSslConfigWithKeyStore(sslProvider); serverConfig.setBoolean(SecurityOptions.SSL_REST_ENABLED, false); - try { - SSLUtils.createRestServerSSLEngineFactory(serverConfig); - fail("exception expected"); - } catch (IllegalConfigurationException ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestServerSSLEngineFactory(serverConfig)) + .isInstanceOf(IllegalConfigurationException.class); } /** Tests that REST Server SSL Engine creation fails with bad SSL configuration. */ - @Test - public void testRESTServerSSLBadKeystorePassword() { - Configuration serverConfig = createRestSslConfigWithKeyStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTServerSSLBadKeystorePassword(String sslProvider) { + Configuration serverConfig = createRestSslConfigWithKeyStore(sslProvider); serverConfig.setString(SecurityOptions.SSL_REST_KEYSTORE_PASSWORD, "badpassword"); - try { - SSLUtils.createRestServerSSLEngineFactory(serverConfig); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestServerSSLEngineFactory(serverConfig)) + .isInstanceOf(Exception.class); } /** Tests that REST Server SSL Engine creation fails with bad SSL configuration. */ - @Test - public void testRESTServerSSLBadKeyPassword() { - Configuration serverConfig = createRestSslConfigWithKeyStore(); + @ParameterizedTest + @MethodSource("parameters") + void testRESTServerSSLBadKeyPassword(String sslProvider) { + Configuration serverConfig = createRestSslConfigWithKeyStore(sslProvider); serverConfig.setString(SecurityOptions.SSL_REST_KEY_PASSWORD, "badpassword"); - try { - SSLUtils.createRestServerSSLEngineFactory(serverConfig); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createRestServerSSLEngineFactory(serverConfig)) + .isInstanceOf(Exception.class); } // ----------------------- mutual auth contexts -------------------------- - @Test - public void testInternalSSL() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); - assertNotNull(SSLUtils.createInternalServerSSLEngineFactory(config)); - assertNotNull(SSLUtils.createInternalClientSSLEngineFactory(config)); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSL(String sslProvider) throws Exception { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); + assertThat(SSLUtils.createInternalServerSSLEngineFactory(config)).isNotNull(); + assertThat(SSLUtils.createInternalClientSSLEngineFactory(config)).isNotNull(); } - @Test - public void testInternalSSLWithSSLPinning() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLWithSSLPinning(String sslProvider) throws Exception { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); config.setString( SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, getCertificateFingerprint(config, "flink.test")); - assertNotNull(SSLUtils.createInternalServerSSLEngineFactory(config)); - assertNotNull(SSLUtils.createInternalClientSSLEngineFactory(config)); + assertThat(SSLUtils.createInternalServerSSLEngineFactory(config)).isNotNull(); + assertThat(SSLUtils.createInternalClientSSLEngineFactory(config)).isNotNull(); } - @Test - public void testInternalSSLDisables() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLDisables(String sslProvider) { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); config.setBoolean(SecurityOptions.SSL_INTERNAL_ENABLED, false); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(Exception.class); - try { - SSLUtils.createInternalClientSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalClientSSLEngineFactory(config)) + .isInstanceOf(Exception.class); } - @Test - public void testInternalSSLKeyStoreOnly() throws Exception { - final Configuration config = createInternalSslConfigWithKeyStore(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLKeyStoreOnly(String sslProvider) { + final Configuration config = createInternalSslConfigWithKeyStore(sslProvider); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(Exception.class); - try { - SSLUtils.createInternalClientSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalClientSSLEngineFactory(config)) + .isInstanceOf(Exception.class); } - @Test - public void testInternalSSLTrustStoreOnly() throws Exception { - final Configuration config = createInternalSslConfigWithTrustStore(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLTrustStoreOnly(String sslProvider) { + final Configuration config = createInternalSslConfigWithTrustStore(sslProvider); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(Exception.class); - try { - SSLUtils.createInternalClientSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalClientSSLEngineFactory(config)) + .isInstanceOf(Exception.class); } - @Test - public void testInternalSSLWrongKeystorePassword() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLWrongKeystorePassword(String sslProvider) { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE_PASSWORD, "badpw"); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(Exception.class); - try { - SSLUtils.createInternalClientSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalClientSSLEngineFactory(config)) + .isInstanceOf(Exception.class); } - @Test - public void testInternalSSLWrongTruststorePassword() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLWrongTruststorePassword(String sslProvider) { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); config.setString(SecurityOptions.SSL_INTERNAL_TRUSTSTORE_PASSWORD, "badpw"); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(Exception.class); - try { - SSLUtils.createInternalClientSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalClientSSLEngineFactory(config)) + .isInstanceOf(Exception.class); } - @Test - public void testInternalSSLWrongKeyPassword() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testInternalSSLWrongKeyPassword(String sslProvider) { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); config.setString(SecurityOptions.SSL_INTERNAL_KEY_PASSWORD, "badpw"); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(Exception.class); - try { - SSLUtils.createInternalClientSSLEngineFactory(config); - fail("exception expected"); - } catch (Exception ignored) { - } + assertThatThrownBy(() -> SSLUtils.createInternalClientSSLEngineFactory(config)) + .isInstanceOf(Exception.class); } // -------------------- protocols and cipher suites ----------------------- /** Tests if SSLUtils set the right ssl version and cipher suites for SSLServerSocket. */ - @Test - public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception { - Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testSetSSLVersionAndCipherSuitesForSSLServerSocket(String sslProvider) throws Exception { + Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores(sslProvider); // set custom protocol and cipher suites serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1.1"); @@ -362,26 +322,25 @@ public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exceptio try (ServerSocket socket = SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) { - assertTrue(socket instanceof SSLServerSocket); + assertThat(socket).isInstanceOf(SSLServerSocket.class); final SSLServerSocket sslSocket = (SSLServerSocket) socket; String[] protocols = sslSocket.getEnabledProtocols(); String[] algorithms = sslSocket.getEnabledCipherSuites(); - assertEquals(1, protocols.length); - assertEquals("TLSv1.1", protocols[0]); - assertEquals(2, algorithms.length); - assertThat( - algorithms, - arrayContainingInAnyOrder( - "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256")); + assertThat(protocols).hasSize(1); + assertThat(protocols[0]).isEqualTo("TLSv1.1"); + assertThat(algorithms).hasSize(2); + assertThat(algorithms) + .contains("TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"); } } /** Tests that {@link SSLHandlerFactory} is created correctly. */ - @Test - public void testCreateSSLEngineFactory() throws Exception { - Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testCreateSSLEngineFactory(String sslProvider) throws Exception { + Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores(sslProvider); final String[] sslAlgorithms; final String[] expectedSslProtocols; if (sslProvider.equalsIgnoreCase("OPENSSL")) { @@ -408,37 +367,30 @@ public void testCreateSSLEngineFactory() throws Exception { final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT); - assertEquals(expectedSslProtocols.length, sslHandler.engine().getEnabledProtocols().length); - assertThat( - sslHandler.engine().getEnabledProtocols(), - arrayContainingInAnyOrder(expectedSslProtocols)); + assertThat(sslHandler.engine().getEnabledProtocols()).hasSameSizeAs(expectedSslProtocols); + assertThat(sslHandler.engine().getEnabledProtocols()).contains(expectedSslProtocols); - assertEquals(sslAlgorithms.length, sslHandler.engine().getEnabledCipherSuites().length); - assertThat( - sslHandler.engine().getEnabledCipherSuites(), - arrayContainingInAnyOrder(sslAlgorithms)); + assertThat(sslHandler.engine().getEnabledCipherSuites()).hasSameSizeAs(sslAlgorithms); + assertThat(sslHandler.engine().getEnabledCipherSuites()).contains(sslAlgorithms); } - @Test - public void testInvalidFingerprintParsing() throws Exception { - final Configuration config = createInternalSslConfigWithKeyAndTrustStores(); + @ParameterizedTest + @MethodSource("parameters") + void testInvalidFingerprintParsing(String sslProvider) throws Exception { + final Configuration config = createInternalSslConfigWithKeyAndTrustStores(sslProvider); final String fingerprint = getCertificateFingerprint(config, "flink.test"); config.setString( SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, fingerprint.substring(0, fingerprint.length() - 3)); - try { - SSLUtils.createInternalServerSSLEngineFactory(config); - fail("expected exception"); - } catch (IllegalArgumentException e) { - assertThat(e.getMessage(), containsString("malformed fingerprint")); - } + assertThatThrownBy(() -> SSLUtils.createInternalServerSSLEngineFactory(config)) + .isInstanceOf(IllegalArgumentException.class); } // ------------------------------- utils ---------------------------------- - private Configuration createRestSslConfigWithKeyStore() { + private Configuration createRestSslConfigWithKeyStore(String sslProvider) { final Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true); addSslProviderConfig(config, sslProvider); @@ -446,7 +398,7 @@ private Configuration createRestSslConfigWithKeyStore() { return config; } - private Configuration createRestSslConfigWithTrustStore() { + private Configuration createRestSslConfigWithTrustStore(String sslProvider) { final Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true); addSslProviderConfig(config, sslProvider); @@ -463,7 +415,7 @@ public static Configuration createRestSslConfigWithKeyAndTrustStores(String sslP return config; } - private Configuration createInternalSslConfigWithKeyStore() { + private Configuration createInternalSslConfigWithKeyStore(String sslProvider) { final Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_INTERNAL_ENABLED, true); addSslProviderConfig(config, sslProvider); @@ -471,7 +423,7 @@ private Configuration createInternalSslConfigWithKeyStore() { return config; } - private Configuration createInternalSslConfigWithTrustStore() { + private Configuration createInternalSslConfigWithTrustStore(String sslProvider) { final Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_INTERNAL_ENABLED, true); addSslProviderConfig(config, sslProvider); @@ -479,10 +431,6 @@ private Configuration createInternalSslConfigWithTrustStore() { return config; } - private Configuration createInternalSslConfigWithKeyAndTrustStores() { - return createInternalSslConfigWithKeyAndTrustStores(sslProvider); - } - public static Configuration createInternalSslConfigWithKeyAndTrustStores(String sslProvider) { final Configuration config = new Configuration(); config.setBoolean(SecurityOptions.SSL_INTERNAL_ENABLED, true);