Fixes issue #3497 - Add trust store support to HttpsFeature #3498

Merged
merged 1 commit into from
Jul 22, 2023
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,8 @@ public void run() {
httpsFeature.setHttpsKeystoreFile(configuration.getString("httpsKeystoreFile"));
httpsFeature.setHttpsKeystorePassword(configuration.getString("httpsKeystorePassword"));
httpsFeature.setHttpsServerClass(configuration.getString("httpsServerClass"));
httpsFeature.setHttpsTruststoreFile(configuration.getString("httpsTruststoreFile"));
httpsFeature.setHttpsTruststorePassword(configuration.getString("httpsTruststorePassword"));
httpsFeature.setPort(configuration.getInteger("httpsPort"));
httpsFeature.init();
httpsFeature.getHttpsServer().setHttpServerProcessor(webAppFeature.getHttpServerProcessor());
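Review bot: The two added calls in `run()` pass `configuration.getString("httpsTruststoreFile")` and `configuration.getString("httpsTruststorePassword")` to the feature without checking for an unset value, which is presumably null when the option was not given. The server-level wrappers this commit removes (last file section on this page) skipped `System.setProperty` when the argument was null, and `System.setProperty` throws `NullPointerException` on a null value. `HttpsFeature`'s setters are not shown here, so confirm they keep that guard, or guard at the call site with `if (configuration.getString("httpsTruststoreFile") != null) { ... }`. The same pair of calls is added to the `run()` methods at `@@ -146,6 +146,8 @@` and `@@ -189,6 +189,8 @@`; `run()` starts and ends outside the hunk.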
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,28 @@ public CoreProfilePiranhaBuilder httpsServerClass(String httpsServerClass) {
return this;
}

/**
* Set the HTTPS truststore file.
*
* @param httpsTruststoreFile the HTTPS truststore file.
* @return the builder.
*/
public CoreProfilePiranhaBuilder httpsTruststoreFile(String httpsTruststoreFile) {
piranha.getConfiguration().setString("httpsTruststoreFile", httpsTruststoreFile);
return this;
}

/**
* Set the HTTPS truststore password.
*
* @param httpsTruststorePassword the HTTPS truststore password.
* @return the builder.
*/
public CoreProfilePiranhaBuilder httpsTruststorePassword(String httpsTruststorePassword) {
piranha.getConfiguration().setString("httpsTruststorePassword", httpsTruststorePassword);
return this;
}

/**
* Enable/disable JPMS.
*
Expand Down Expand Up @@ -220,19 +242,21 @@ private void showArguments() {
Arguments
=========

Context path : %s
Extension class : %s
Exit on stop : %s
HTTP port : %s
HTTP server class : %s
HTTPS keystore file : %s
HTTPS keystore password : ****
HTTPS port : %s
HTTPS server class : %s
JPMS enabled : %s
PID : %s
WAR filename : %s
Web application dir : %s
Context path : %s
Extension class : %s
Exit on stop : %s
HTTP port : %s
HTTP server class : %s
HTTPS keystore file : %s
HTTPS keystore password : ****
HTTPS port : %s
HTTPS server class : %s
HTTPS truststore file : %s
HTTPS truststore password : ****
JPMS enabled : %s
PID : %s
WAR filename : %s
Web application dir : %s

""".formatted(
configuration.getString("contextPath"),
Expand All @@ -243,14 +267,15 @@ private void showArguments() {
configuration.getString("httpsKeystoreFile"),
configuration.getInteger("httpsPort"),
configuration.getString("httpsServerClass"),
configuration.getString("httpsTruststoreFile"),
configuration.getBoolean("jpms", false),
configuration.getLong("pid"),
configuration.getFile("warFile"),
configuration.getFile("webAppDir")
)
);
}

/**
* Set the verbose flag.
*
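Review bot: The Javadoc on the new `httpsTruststoreFile` and `httpsTruststorePassword` builder methods only repeats the method name and leaves out the scope of the setting, which the CLI help elsewhere in this commit describes as applying to the whole JVM. If that still holds for `HttpsFeature`, add a sentence to each, e.g. `Note this applies to the whole JVM, not only to this Piranha instance.`, and on the password method say that the value is held as a plain `String` under the `httpsTruststorePassword` configuration key. The `showArguments()` hunk prints a literal `****` for the password and never passes it to `formatted(...)`; a one-line comment saying this is deliberate would stop someone from later turning it into a `%s`. The same two methods in `MicroProfilePiranhaBuilder` need the same Javadoc.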
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,12 @@ private CoreProfilePiranhaBuilder processArguments(String[] arguments) {
if (arguments[i].equals("--https-server-class")) {
builder = builder.httpsServerClass(arguments[i + 1]);
}
if (arguments[i].equals("--https-truststore-file")) {
builder = builder.httpsTruststoreFile(arguments[i + 1]);
}
if (arguments[i].equals("--https-truststore-password")) {
builder = builder.httpsTruststorePassword(arguments[i + 1]);
}
if (arguments[i].equals("--jpms")) {
builder = builder.jpms(true);
}
Expand Down Expand Up @@ -136,25 +142,30 @@ private static void showHelp() {
LOGGER.log(Level.INFO, "");
LOGGER.log(Level.INFO,
"""
--extension-class <className> - Set the extension to use
--help - Show this help
--context-path <string> - Set the Servlet context path
--http-port <integer> - Set the HTTP port (use -1 to disable)
--http-server-class <className> - Set the HTTP server class to use
--https-keystore-file <file> - Set the HTTPS keystore file (applies to
the whole JVM)
--https-keystore-password <string> - Set the HTTPS keystore password (applies
to the whole JVM)
--https-port <integer> - Set the HTTPS port (disabled by default)
--https-server-class <className> - Set the HTTPS server class to use
--jpms - Enable Java Platform Module System
--verbose - Shows the runtime parameters
--war-file <file> - The WAR file to deploy
--webapp-dir <directory> - The directory to use for the web
application (auto creates when it does
not exist, if omitted runtime will use
the filename portion of --war-file)
--write-pid - Write out a PID file
--extension-class <className> - Set the extension to use
--help - Show this help
--context-path <string> - Set the Servlet context path
--http-port <integer> - Set the HTTP port (use -1 to disable)
--http-server-class <className> - Set the HTTP server class to use
--https-keystore-file <file> - Set the HTTPS keystore file (applies to
the whole JVM)
--https-keystore-password <string> - Set the HTTPS keystore password
(applies to the whole JVM)
--https-port <integer> - Set the HTTPS port (disabled by
default)
--https-server-class <className> - Set the HTTPS server class to use
--https-truststore-file <file> - Set the HTTPS keystore file (applies to
the whole JVM)
--https-truststore-password <string> - Set the HTTPS keystore password
(applies to the whole JVM)
--jpms - Enable Java Platform Module System
--verbose - Shows the runtime parameters
--war-file <file> - The WAR file to deploy
--webapp-dir <directory> - The directory to use for the web
application (auto creates when it does
not exist, if omitted runtime will use
the filename portion of --war-file)
--write-pid - Write out a PID file
""");
}
}
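Review bot: The two new help entries in `showHelp()` describe the truststore options with the keystore wording: `--https-truststore-file` reads "Set the HTTPS keystore file" and `--https-truststore-password` reads "Set the HTTPS keystore password". A keystore and a truststore play different roles in TLS (the server's own key material versus the certificates it accepts from peers), so an operator following this help could point the option at the wrong file. The entries should read `Set the HTTPS truststore file` and `Set the HTTPS truststore password`. The `showHelp()` text block at `@@ -138,25 +144,30 @@` carries the same copy-paste.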
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,8 @@ public void run() {
httpsFeature.setHttpsKeystoreFile(configuration.getString("httpsKeystoreFile"));
httpsFeature.setHttpsKeystorePassword(configuration.getString("httpsKeystorePassword"));
httpsFeature.setHttpsServerClass(configuration.getString("httpsServerClass"));
httpsFeature.setHttpsTruststoreFile(configuration.getString("httpsTruststoreFile"));
httpsFeature.setHttpsTruststorePassword(configuration.getString("httpsTruststorePassword"));
httpsFeature.setPort(configuration.getInteger("httpsPort"));
httpsFeature.init();
httpsFeature.getHttpsServer().setHttpServerProcessor(webAppFeature.getHttpServerProcessor());
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
*/
package cloud.piranha.dist.microprofile;

import cloud.piranha.core.api.PiranhaConfiguration;
import cloud.piranha.core.api.WebApplicationExtension;
import java.io.File;
import java.lang.System.Logger;
Expand Down Expand Up @@ -183,6 +184,28 @@ public MicroProfilePiranhaBuilder httpsServerClass(String httpsServerClass) {
return this;
}

/**
* Set the HTTPS truststore file.
*
* @param httpsTruststoreFile the HTTPS truststore file.
* @return the builder.
*/
public MicroProfilePiranhaBuilder httpsTruststoreFile(String httpsTruststoreFile) {
piranha.getConfiguration().setString("httpsTruststoreFile", httpsTruststoreFile);
return this;
}

/**
* Set the HTTPS truststore password.
*
* @param httpsTruststorePassword the HTTPS truststore password.
* @return the builder.
*/
public MicroProfilePiranhaBuilder httpsTruststorePassword(String httpsTruststorePassword) {
piranha.getConfiguration().setString("httpsTruststorePassword", httpsTruststorePassword);
return this;
}

/**
* Enable/disable JPMS.
*
Expand All @@ -198,6 +221,8 @@ public MicroProfilePiranhaBuilder jpms(boolean jpms) {
* Show the arguments used.
*/
private void showArguments() {
PiranhaConfiguration configuration = piranha.getConfiguration();

LOGGER.log(Level.INFO,
"""

Expand All @@ -206,33 +231,38 @@ private void showArguments() {
Arguments
=========

Context path : %s
Extension class : %s
Exit on stop : %s
HTTP port : %s
HTTP server class : %s
HTTPS keystore file : %s
HTTPS keystore password : ****
HTTPS port : %s
HTTPS server class : %s
JPMS enabled : %s
PID : %s
WAR filename : %s
Web application dir : %s
Context path : %s
Extension class : %s
Exit on stop : %s
HTTP port : %s
HTTP server class : %s
HTTPS keystore file : %s
HTTPS keystore password : ****
HTTPS port : %s
HTTPS server class : %s
HTTPS truststore file : %s
HTTPS truststore password : ****
JPMS enabled : %s
PID : %s
WAR filename : %s
Web application dir : %s

""".formatted(
piranha.getConfiguration().getString("contextPath"),
piranha.getConfiguration().getClass("extensionClass"),
piranha.getConfiguration().getBoolean("exitOnStop", false),
piranha.getConfiguration().getInteger("httpPort"),
piranha.getConfiguration().getString("httpServerClass"),
piranha.getConfiguration().getString("httpsKeystoreFile"),
piranha.getConfiguration().getInteger("httpsPort"),
piranha.getConfiguration().getString("httpsServerClass"),
piranha.getConfiguration().getBoolean("jpmsEnabled", false),
piranha.getConfiguration().getLong("pid"),
piranha.getConfiguration().getFile("warFile"),
piranha.getConfiguration().getFile("webappDir")));
configuration.getString("contextPath"),
configuration.getClass("extensionClass"),
configuration.getBoolean("exitOnStop", false),
configuration.getInteger("httpPort"),
configuration.getString("httpServerClass"),
configuration.getString("httpsKeystoreFile"),
configuration.getInteger("httpsPort"),
configuration.getString("httpsServerClass"),
configuration.getString("httpsTruststoreFile"),
configuration.getBoolean("jpms", false),
configuration.getLong("pid"),
configuration.getFile("warFile"),
configuration.getFile("webAppDir")
)
);
}

/**
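Review bot: In `showArguments()` the rewritten argument list reads `configuration.getBoolean("jpms", false)` and `configuration.getFile("webAppDir")`, while the lines it appears to replace read the keys `jpmsEnabled` and `webappDir`. That changes what the arguments dump reports and is not mentioned in the commit title, so confirm these are the keys the builder actually writes; the `jpms(...)` setter body is outside the hunks shown. A short comment above the list, e.g. `// keys must match the ones written by the builder methods`, would keep the two from drifting apart again.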
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,12 @@ private MicroProfilePiranhaBuilder processArguments(String[] arguments) {
if (arguments[i].equals("--https-server-class")) {
builder = builder.httpsServerClass(arguments[i + 1]);
}
if (arguments[i].equals("--https-truststore-file")) {
builder = builder.httpsTruststoreFile(arguments[i + 1]);
}
if (arguments[i].equals("--https-truststore-password")) {
builder = builder.httpsTruststorePassword(arguments[i + 1]);
}
if (arguments[i].equals("--jpms")) {
builder = builder.jpms(true);
}
Expand Down Expand Up @@ -138,25 +144,30 @@ private static void showHelp() {
LOGGER.log(Level.INFO, "");
LOGGER.log(Level.INFO,
"""
--extension-class <className> - Set the extension to use
--help - Show this help
--context-path <string> - Set the Servlet context path
--http-port <integer> - Set the HTTP port (use -1 to disable)
--http-server-class <className> - Set the HTTP server class to use
--https-port <integer> - Set the HTTPS port (disabled by default)
--https-server-class <className> - Set the HTTPS server class to use
--jpms - Enable Java Platform Module System
--https-keystore-file <file> - Set the HTTPS keystore file (applies to
the whole JVM)
--https-keystore-password <string> - Set the HTTPS keystore password (applies
to the whole JVM
--verbose - Shows the runtime parameters
--war-file <file> - The WAR file to deploy
--webapp-dir <directory> - The directory to use for the web
application (auto creates when it does
not exist, if omitted runtime will use
the filename portion of --war-file)
--write-pid - Write out a PID file
--extension-class <className> - Set the extension to use
--help - Show this help
--context-path <string> - Set the Servlet context path
--http-port <integer> - Set the HTTP port (use -1 to disable)
--http-server-class <className> - Set the HTTP server class to use
--https-keystore-file <file> - Set the HTTPS keystore file (applies to
the whole JVM)
--https-keystore-password <string> - Set the HTTPS keystore password
(applies to the whole JVM)
--https-port <integer> - Set the HTTPS port (disabled by
default)
--https-server-class <className> - Set the HTTPS server class to use
--https-truststore-file <file> - Set the HTTPS keystore file (applies to
the whole JVM)
--https-truststore-password <string> - Set the HTTPS keystore password
(applies to the whole JVM)
--jpms - Enable Java Platform Module System
--verbose - Shows the runtime parameters
--war-file <file> - The WAR file to deploy
--webapp-dir <directory> - The directory to use for the web
application (auto creates when it does
not exist, if omitted runtime will use
the filename portion of --war-file)
--write-pid - Write out a PID file
""");
}
}
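Review bot: `--https-truststore-password` takes the secret from `arguments[i + 1]` in `processArguments`, so the password becomes part of the process command line, which on most systems other local users can read from the process list. The help entry should at least say so, e.g. `Set the HTTPS truststore password (visible in the process command line)`; a way to supply it that does not go through argv would be a sensible follow-up. The lookup also indexes `arguments[i + 1]` with no visible length check; the loop bounds are outside the hunk, so confirm that a trailing flag cannot run past the end of the array. The `processArguments` hunk at `@@ -101,6 +101,12 @@` has the same two additions.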
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,8 @@ public void run() {
httpsFeature.setHttpsKeystoreFile(configuration.getString("httpsKeystoreFile"));
httpsFeature.setHttpsKeystorePassword(configuration.getString("httpsKeystorePassword"));
httpsFeature.setHttpsServerClass(configuration.getString("httpsServerClass"));
httpsFeature.setHttpsTruststoreFile(configuration.getString("httpsTruststoreFile"));
httpsFeature.setHttpsTruststorePassword(configuration.getString("httpsTruststorePassword"));
httpsFeature.setPort(configuration.getInteger("httpsPort"));
httpsFeature.init();
httpsFeature.getHttpsServer().setHttpServerProcessor(webAppsFeature.getHttpServerProcessor());
Expand Down Expand Up @@ -268,49 +270,6 @@ public void run() {
featureManager.stop();
}

/**
* Set the HTTPS truststore file.
*
* <p>
* Convenience wrapper around the <code>javax.net.ssl.trustStore</code>
* system property. Note using this method sets the property for the entire
* JVM.
* </p>
*
* @param httpsTruststoreFile the HTTPS truststore file.
*/
public void setHttpsTruststoreFile(String httpsTruststoreFile) {
if (httpsTruststoreFile != null) {
System.setProperty("javax.net.ssl.trustStore", httpsTruststoreFile);
}
}

/**
* Set the HTTPS truststore password.
*
* <p>
* Convenience wrapper around the
* <code>javax.net.ssl.trustStorePassword</code> system property. Note using
* this method sets the property for the entire JVM.
* </p>
*
* @param httpsTruststorePassword the HTTPS truststore password.
*/
void setHttpsTruststorePassword(String httpsTruststorePassword) {
if (httpsTruststorePassword != null) {
System.setProperty("javax.net.ssl.trustStorePassword", httpsTruststorePassword);
}
}

/**
* Set the web applications directory.
*
* @param webAppsDir the web applications directory.
*/
public void setWebAppsDir(File webAppsDir) {
this.configuration.setFile("webAppsDir", webAppsDir);
}

/**
* Start the server.
*/
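Review bot: The second hunk (`-268,49 +270,6`) appears to delete three setters from this class, including public `setHttpsTruststoreFile(String)` and public `setWebAppsDir(File)`, the latter unrelated to trust stores. Code that embeds the server and calls them will stop compiling, and no replacement API is visible on this page. If the removal is intended, say so in the commit message; otherwise keep `setWebAppsDir` and leave the truststore setter as a `@Deprecated` method that writes the `httpsTruststoreFile` configuration key read in `run()`. The removed Javadoc also documented that the setting is JVM-wide through `javax.net.ssl.trustStore`; that statement should move to wherever the property is now set.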