public static HttpServerOptions createHttpServerOptions(DynamicCertOptions dynamicCertOptions, boolean jettyAgentAlreadyLoaded) { HttpServerOptions httpOptions = new HttpServerOptions() // basic TCP/HTTP options .setReuseAddress(true) .setCompressionSupported(false) // otherwise it automatically compresses based on response headers even if pre-compressed with e.g. proxy .setUsePooledBuffers(true) .setSsl(true) .setKeyCertOptions(dynamicCertOptions) // TLS tuning .addEnabledSecureTransportProtocol("TLSv1.2") .addEnabledSecureTransportProtocol("TLSv1.3"); // enable HTTP/2 support if we can.. if (USE_OPENSSL) { // TODO this has not really been tested with SNI yet httpOptions .setUseAlpn(true) .setSslEngineOptions(new OpenSSLEngineOptions()); cipherSuites.stream().map(SetupHttpServerOptions::javaCipherNameToOpenSSLName) .forEach(httpOptions::addEnabledCipherSuite); } else { httpOptions .setUseAlpn(jettyAgentAlreadyLoaded || DynamicAgent.enableJettyAlpn()) .setJdkSslEngineOptions(new JdkSSLEngineOptions()); cipherSuites.forEach(httpOptions::addEnabledCipherSuite); } return httpOptions; }
@Override public void start(Future<Void> startFuture) { super.start(startFuture); HttpApiFactory.init(engine.getApiRequestPathParser()); InheritingHttpServerOptions httpsServerOptions = new InheritingHttpServerOptions(); httpsServerOptions .setSsl(true) .setKeyStoreOptions( new JksOptions() .setPath(apimanConfig.getKeyStore()) .setPassword(apimanConfig.getKeyStorePassword()) ) .setTrustStoreOptions( new JksOptions() .setPath(apimanConfig.getTrustStore()) .setPassword(apimanConfig.getTrustStorePassword()) ); if (JdkSSLEngineOptions.isAlpnAvailable()) { httpsServerOptions.setUseAlpn(true); } // Load any provided configuration into the HttpServerOptions. JsonObject httpServerOptionsJson = apimanConfig.getVerticleConfig(verticleType().name()) .getJsonObject("httpServerOptions", new JsonObject()); //$NON-NLS-1$ InheritingHttpServerOptionsConverter.fromJson(httpServerOptionsJson, httpsServerOptions); vertx.createHttpServer(httpsServerOptions) .requestHandler(this::requestHandler) .listen(apimanConfig.getPort(VERTICLE_TYPE), apimanConfig.getHostname()); }
public HttpClientComponentImpl(Vertx vertx, VertxEngineConfig engineConfig, Map<String, String> componentConfig) { HttpClientOptions sslOptions = new HttpClientOptions() .setSsl(true) .setVerifyHost(false) .setTrustAll(true); // TODO if (JdkSSLEngineOptions.isAlpnAvailable()) { sslOptions.setUseAlpn(true); } this.sslClient = vertx.createHttpClient(sslOptions); this.plainClient = vertx.createHttpClient(new HttpClientOptions()); }
private HttpServerOptions getHttpServerOptions(String name) { HttpServerOptions options = new HttpServerOptions(); HttpServerOptionsConverter.fromJson(config().getJsonObject(name, new JsonObject()), options); if (JdkSSLEngineOptions.isAlpnAvailable()) { options.setUseAlpn(true); } return options; }
@Override public PgConnectOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) { return (PgConnectOptions)super.setJdkSslEngineOptions(sslEngineOptions); }
@Override public AmqpBridgeOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) { super.setJdkSslEngineOptions(sslEngineOptions); return this; }
@Override public ProtonServerOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) { super.setJdkSslEngineOptions(sslEngineOptions); return this; }
@Override public ProtonClientOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) { super.setJdkSslEngineOptions(sslEngineOptions); return this; }
@Override public WebClientOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) { return (WebClientOptions) super.setJdkSslEngineOptions(sslEngineOptions); }
