Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow HttpServerOptionsCustomizer to set KeyManager and TrustManager for HTTPS server #27682

Merged
merged 2 commits into from Sep 4, 2022
Merged

Allow HttpServerOptionsCustomizer to set KeyManager and TrustManager for HTTPS server #27682

merged 2 commits into from Sep 4, 2022

Conversation

tsaarni
Copy link
Contributor

@tsaarni tsaarni commented Sep 2, 2022

This change allows the application to use the HttpServerOptionsCustomizer mechanism to set their own KeyManager and TrustManager to Vert.x. That is achieved by simply moving the check to disable TLS (in absense of server certificate & key) from before the customizer call to after the call.

Without this change the HttpServerOptionsCustomizer.customizeHttpsServer() method is not called unless certificate and key were already defined in quarkus.http.ssl.certificate.* config options. Setting the config option is not desirable when the application wants to customize the HTTPS server by setting its own KeyManager. In that case quarkus.http.ssl.certificate.* options are not applicable, since Quarkus is not in control of setting the server credentials.

Example use case that is enabled by this PR: Application sets custom KeyManager that supports certificate hot-reload without restarting the server (xref #15926).

Fixes #27481

@tsaarni
Allow HttpServerOptionsCustomizer to set KeyManager
23f3a93 
This change allows application to set its own KeyManager and TrustManager to
Vert.x by delaying the check to disable TLS (in absense of certificate&key)
to be done after the call to HttpServerOptionsCustomizer, instead of before.
@tsaarni tsaarni mentioned this pull request Sep 2, 2022
Closed
@quarkus-bot

This comment has been minimized.

Sign in to view
@cescoffier cescoffier merged commit 2d7b4f0 into quarkusio:main Sep 4, 2022
@quarkus-bot quarkus-bot bot added this to the 2.13 - main milestone Sep 4, 2022
@quarkus-bot quarkus-bot bot added the kind/enhancement New feature or request label Sep 4, 2022
@tsaarni tsaarni mentioned this pull request Sep 6, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cescoffier cescoffier cescoffier approved these changes

Assignees
No one assigned
Labels
area/vertx kind/enhancement New feature or request
Projects
None yet
Milestone
2.13.0.CR1
Development

Successfully merging this pull request may close these issues.

Let user to provide own KeyManager and TrustManager for HTTPS server
2 participants
@tsaarni @cescoffier