Java 类io.netty.handler.codec.http2.Http2SecurityUtil 实例源码
项目:xrpc
文件:XrpcClient.java
private SslContext buildSslCtx() {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
try {
return SslContextBuilder.forClient()
.sslProvider(provider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
// TODO(JR): Make a seperate Handler Class for http2 as opposed to autoneg
// .applicationProtocolConfig(new ApplicationProtocolConfig(
// ApplicationProtocolConfig.Protocol.ALPN,
// // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
// ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
// // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
// ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
// ApplicationProtocolNames.HTTP_2,
// ApplicationProtocolNames.HTTP_1_1))
.build();
} catch (SSLException e) {
e.printStackTrace();
}
return null;
}
项目:jmeter-http2-plugin
文件:NettyHttp2Client.java
private SslContext getSslContext() {
SslContext sslCtx = null;
final SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
try {
sslCtx = SslContextBuilder.forClient()
.sslProvider(provider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2))
.build();
} catch(SSLException exception) {
return null;
}
return sslCtx;
}
项目:armeria
文件:AbstractVirtualHostBuilder.java
/**
* Sets the {@link SslContext} of this {@link VirtualHost} from the specified {@link SessionProtocol},
* {@code keyCertChainFile}, {@code keyFile} and {@code keyPassword}.
*/
public B sslContext(
SessionProtocol protocol,
File keyCertChainFile, File keyFile, String keyPassword) throws SSLException {
if (requireNonNull(protocol, "protocol") != SessionProtocol.HTTPS) {
throw new IllegalArgumentException("unsupported protocol: " + protocol);
}
final SslContextBuilder builder = SslContextBuilder.forServer(keyCertChainFile, keyFile, keyPassword);
builder.sslProvider(Flags.useOpenSsl() ? SslProvider.OPENSSL : SslProvider.JDK);
builder.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE);
builder.applicationProtocolConfig(HTTPS_ALPN_CFG);
sslContext(builder.build());
return self();
}
项目:carbon-transports
文件:SSLHandlerFactory.java
/**
* This method will provide netty ssl context which supports HTTP2 over TLS using
* Application Layer Protocol Negotiation (ALPN)
*
* @return instance of {@link SslContext}
* @throws SSLException if any error occurred during building SSL context.
*/
public SslContext createHttp2TLSContext() throws SSLException {
// If listener configuration does not include cipher suites , default ciphers required by the HTTP/2
// specification will be added.
List<String> ciphers = sslConfig.getCipherSuites() != null && sslConfig.getCipherSuites().length > 0 ? Arrays
.asList(sslConfig.getCipherSuites()) : Http2SecurityUtil.CIPHERS;
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
return SslContextBuilder.forServer(this.getKeyManagerFactory())
.trustManager(this.getTrustStoreFactory())
.sslProvider(provider)
.ciphers(ciphers,
SupportedCipherSuiteFilter.INSTANCE)
.clientAuth(needClientAuth ? ClientAuth.REQUIRE : ClientAuth.NONE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
ApplicationProtocolConfig.Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1)).build();
}
项目:jooby
文件:NettySslContext.java
static SslContext build(final Config conf) throws IOException, CertificateException {
String tmpdir = conf.getString("application.tmpdir");
boolean http2 = conf.getBoolean("server.http2.enabled");
File keyStoreCert = toFile(conf.getString("ssl.keystore.cert"), tmpdir);
File keyStoreKey = toFile(conf.getString("ssl.keystore.key"), tmpdir);
String keyStorePass = conf.hasPath("ssl.keystore.password")
? conf.getString("ssl.keystore.password") : null;
SslContextBuilder scb = SslContextBuilder.forServer(keyStoreCert, keyStoreKey, keyStorePass);
if (conf.hasPath("ssl.trust.cert")) {
scb.trustManager(toFile(conf.getString("ssl.trust.cert"), tmpdir))
.clientAuth(ClientAuth.REQUIRE);
}
if (http2) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
return scb.sslProvider(provider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
Arrays.asList(ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1)))
.build();
}
return scb.build();
}
项目:jooby
文件:NettySslContextTest.java
private Block alpn(final SslProvider provider) {
return unit -> {
SslContextBuilder scb = unit.get(SslContextBuilder.class);
expect(scb.sslProvider(provider)).andReturn(scb);
expect(scb.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE))
.andReturn(scb);
ApplicationProtocolConfig apc = unit.constructor(ApplicationProtocolConfig.class)
.args(Protocol.class, SelectorFailureBehavior.class,
SelectedListenerFailureBehavior.class, List.class)
.build(Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
Arrays.asList(ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1));
expect(scb.applicationProtocolConfig(apc)).andReturn(scb);
};
}
项目:nitmproxy
文件:TlsUtil.java
public static SslContext ctxForClient(NitmProxyConfig config) throws SSLException {
SslContextBuilder builder = SslContextBuilder
.forClient()
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(applicationProtocolConfig(config, config.isServerHttp2()));
if (config.isInsecure()) {
builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
}
return builder.build();
}
项目:nitmproxy
文件:TlsUtil.java
public static SslContext ctxForServer(NitmProxyConfig config, String serverHost) throws SSLException {
Certificate certificate = CertUtil.newCert(config.getCertFile(), config.getKeyFile(), serverHost);
return SslContextBuilder
.forServer(certificate.getKeyPair().getPrivate(), certificate.getChain())
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(applicationProtocolConfig(config, config.isClientHttp2()))
.build();
}
项目:chromium-net-for-android
文件:Http2TestServer.java
Http2TestServerRunnable(File certFile, File keyFile) throws Exception {
ApplicationProtocolConfig applicationProtocolConfig = new ApplicationProtocolConfig(
Protocol.ALPN, SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2);
mSslCtx = new OpenSslServerContext(certFile, keyFile, null, null,
Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE,
applicationProtocolConfig, 0, 0);
}
项目:curiostack
文件:ServerModule.java
private static SslContextBuilder serverSslContext(
InputStream keyCertChainFile, InputStream keyFile) {
return SslContextBuilder.forServer(keyCertChainFile, keyFile, null)
.sslProvider(Flags.useOpenSsl() ? SslProvider.OPENSSL : SslProvider.JDK)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(HTTPS_ALPN_CFG);
}
项目:grpc-java
文件:GrpcSslContexts.java
/**
* Set ciphers and APN appropriate for gRPC. Precisely what is set is permitted to change, so if
* an application requires particular settings it should override the options set here.
*/
@ExperimentalApi("https://github.com/grpc/grpc-java/issues/1784")
@CanIgnoreReturnValue
public static SslContextBuilder configure(SslContextBuilder builder, SslProvider provider) {
return builder.sslProvider(provider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(selectApplicationProtocolConfig(provider));
}
项目:JavaAyo
文件:Http2Server.java
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(provider)
/* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification.
* Please refer to the HTTP/2 specification for cipher requirements. */
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup group = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(group)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new Http2ServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your HTTP/2-enabled web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
group.shutdownGracefully();
}
}
项目:JavaAyo
文件:Http2Server.java
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(provider)
/* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification.
* Please refer to the HTTP/2 specification for cipher requirements. */
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup group = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(group)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new Http2ServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your HTTP/2-enabled web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
group.shutdownGracefully();
}
}
项目:armeria
文件:THttp2Client.java
THttp2Client(String uriStr, HttpHeaders defaultHeaders) throws TTransportException {
uri = URI.create(uriStr);
this.defaultHeaders = defaultHeaders;
int port;
switch (uri.getScheme()) {
case "http":
port = uri.getPort();
if (port < 0) {
port = 80;
}
sslCtx = null;
break;
case "https":
port = uri.getPort();
if (port < 0) {
port = 443;
}
try {
sslCtx = SslContextBuilder.forClient()
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and
// JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and
// JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2))
.build();
} catch (SSLException e) {
throw new TTransportException(TTransportException.UNKNOWN, e);
}
break;
default:
throw new IllegalArgumentException("unknown scheme: " + uri.getScheme());
}
String host = uri.getHost();
if (host == null) {
throw new IllegalArgumentException("host not specified: " + uriStr);
}
String path = uri.getPath();
if (path == null) {
throw new IllegalArgumentException("path not specified: " + uriStr);
}
this.host = host;
this.port = port;
this.path = path;
}
项目:armeria
文件:HttpClientPipelineConfigurator.java
HttpClientPipelineConfigurator(HttpClientFactory clientFactory, SessionProtocol sessionProtocol) {
this.clientFactory = clientFactory;
if (sessionProtocol == HTTP || sessionProtocol == HTTPS) {
httpPreference = HttpPreference.HTTP2_PREFERRED;
} else if (sessionProtocol == H1 || sessionProtocol == H1C) {
httpPreference = HttpPreference.HTTP1_REQUIRED;
} else if (sessionProtocol == H2 || sessionProtocol == H2C) {
httpPreference = HttpPreference.HTTP2_REQUIRED;
} else {
// Should never reach here.
throw new Error();
}
if (sessionProtocol.isTls()) {
try {
final SslContextBuilder builder = SslContextBuilder.forClient();
builder.sslProvider(
Flags.useOpenSsl() ? SslProvider.OPENSSL : SslProvider.JDK);
clientFactory.sslContextCustomizer().accept(builder);
if (httpPreference == HttpPreference.HTTP2_REQUIRED ||
httpPreference == HttpPreference.HTTP2_PREFERRED) {
builder.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
ApplicationProtocolConfig.Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and
// JDK providers.
ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK
// providers.
ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2));
}
sslCtx = builder.build();
} catch (SSLException e) {
throw new IllegalStateException("failed to create an SslContext", e);
}
} else {
sslCtx = null;
}
}
项目:carbon-transports
文件:HTTP2Client.java
public HTTP2Client(boolean ssl, String host, int port) throws Exception {
try {
final SslContext sslCtx;
if (ssl) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
sslCtx = SslContextBuilder.forClient()
.sslProvider(provider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = null;
}
workerGroup = new NioEventLoopGroup();
HTTP2ClientInitializer initializer = new HTTP2ClientInitializer(sslCtx, Integer.MAX_VALUE);
// Configure the client.
Bootstrap b = new Bootstrap();
b.group(workerGroup);
b.channel(NioSocketChannel.class);
b.option(ChannelOption.SO_KEEPALIVE, true);
b.remoteAddress(host, port);
b.handler(initializer);
// Start the client.
channel = b.connect().syncUninterruptibly().channel();
log.info("Connected to [" + host + ':' + port + ']');
// Wait for the HTTP/2 upgrade to occur.
HTTP2SettingsHandler http2SettingsHandler = initializer.settingsHandler();
http2SettingsHandler.awaitSettings(TestUtil.HTTP2_RESPONSE_TIME_OUT, TestUtil.HTTP2_RESPONSE_TIME_UNIT);
responseHandler = initializer.responseHandler();
scheme = ssl ? HttpScheme.HTTPS : HttpScheme.HTTP;
hostName = new AsciiString(host + ':' + port);
} catch (Exception ex) {
log.error("Error while initializing http2 client " + ex);
this.close();
}
}
项目:pushy
文件:ApnsClientBuilder.java
/**
* Constructs a new {@link ApnsClient} with the previously-set configuration.
*
* @return a new ApnsClient instance with the previously-set configuration
*
* @throws SSLException if an SSL context could not be created for the new client for any reason
* @throws IllegalStateException if this method is called without specifying an APNs server address, if this method
* is called without providing TLS credentials or a signing key, or if this method is called with both TLS
* credentials and a signing key
*
* @since 0.8
*/
public ApnsClient build() throws SSLException {
if (this.apnsServerAddress == null) {
throw new IllegalStateException("No APNs server address specified.");
}
if (this.clientCertificate == null && this.privateKey == null && this.signingKey == null) {
throw new IllegalStateException("No client credentials specified; either TLS credentials (a " +
"certificate/private key) or an APNs signing key must be provided before building a client.");
} else if ((this.clientCertificate != null || this.privateKey != null) && this.signingKey != null) {
throw new IllegalStateException("Clients may not have both a signing key and TLS credentials.");
}
final SslContext sslContext;
{
final SslProvider sslProvider = SslUtil.getSslProvider();
final SslContextBuilder sslContextBuilder = SslContextBuilder.forClient()
.sslProvider(sslProvider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(
new ApplicationProtocolConfig(Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2));
if (this.clientCertificate != null && this.privateKey != null) {
sslContextBuilder.keyManager(this.privateKey, this.privateKeyPassword, this.clientCertificate);
}
if (this.trustedServerCertificatePemFile != null) {
sslContextBuilder.trustManager(this.trustedServerCertificatePemFile);
} else if (this.trustedServerCertificateInputStream != null) {
sslContextBuilder.trustManager(this.trustedServerCertificateInputStream);
} else if (this.trustedServerCertificates != null) {
sslContextBuilder.trustManager(this.trustedServerCertificates);
}
sslContext = sslContextBuilder.build();
}
final ApnsClient client = new ApnsClient(this.apnsServerAddress, sslContext, this.signingKey,
this.proxyHandlerFactory, this.connectionTimeoutMillis, this.idlePingIntervalMillis,
this.gracefulShutdownTimeoutMillis, this.concurrentConnections, this.metricsListener,
this.frameLogger, this.eventLoopGroup);
if (sslContext instanceof ReferenceCounted) {
((ReferenceCounted) sslContext).release();
}
return client;
}
项目:pushy
文件:MockApnsServerBuilder.java
/**
* Constructs a new {@link MockApnsServer} with the previously-set configuration.
*
* @return a new MockApnsServer instance with the previously-set configuration
*
* @throws SSLException if an SSL context could not be created for the new server for any reason
*
* @since 0.8
*/
public MockApnsServer build() throws SSLException {
if (this.handlerFactory == null) {
throw new IllegalStateException("Must provide a push notification handler factory before building a mock server.");
}
final SslContext sslContext;
{
final SslProvider sslProvider;
if (OpenSsl.isAvailable()) {
if (OpenSsl.isAlpnSupported()) {
log.info("Native SSL provider is available and supports ALPN; will use native provider.");
sslProvider = SslProvider.OPENSSL;
} else {
log.info("Native SSL provider is available, but does not support ALPN; will use JDK SSL provider.");
sslProvider = SslProvider.JDK;
}
} else {
log.info("Native SSL provider not available; will use JDK SSL provider.");
sslProvider = SslProvider.JDK;
}
final SslContextBuilder sslContextBuilder;
if (this.certificateChain != null && this.privateKey != null) {
sslContextBuilder = SslContextBuilder.forServer(this.privateKey, this.privateKeyPassword, this.certificateChain);
} else if (this.certificateChainPemFile != null && this.privateKeyPkcs8File != null) {
sslContextBuilder = SslContextBuilder.forServer(this.certificateChainPemFile, this.privateKeyPkcs8File, this.privateKeyPassword);
} else if (this.certificateChainInputStream != null && this.privateKeyPkcs8InputStream != null) {
sslContextBuilder = SslContextBuilder.forServer(this.certificateChainInputStream, this.privateKeyPkcs8InputStream, this.privateKeyPassword);
} else {
throw new IllegalStateException("Must specify server credentials before building a mock server.");
}
sslContextBuilder.sslProvider(sslProvider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.clientAuth(ClientAuth.OPTIONAL)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2));
if (this.trustedClientCertificatePemFile != null) {
sslContextBuilder.trustManager(this.trustedClientCertificatePemFile);
} else if (this.trustedClientCertificateInputStream != null) {
sslContextBuilder.trustManager(this.trustedClientCertificateInputStream);
} else if (this.trustedClientCertificates != null) {
sslContextBuilder.trustManager(this.trustedClientCertificates);
}
sslContext = sslContextBuilder.build();
}
final MockApnsServer server = new MockApnsServer(sslContext, this.handlerFactory, this.listener, this.maxConcurrentStreams, this.eventLoopGroup);
if (sslContext instanceof ReferenceCounted) {
((ReferenceCounted) sslContext).release();
}
return server;
}