public static SslPolicy MakeSslPolicy(SslResource sslResource, SslProvider sslProvider, string protocols, string ciphers) { IDictionary <string, string> config = new Dictionary <string, string>(); config[SslSystemSettings.netty_ssl_provider.name()] = sslProvider.name(); SslPolicyConfig policyConfig = new SslPolicyConfig("default"); File baseDirectory = sslResource.PrivateKey().ParentFile; (new File(baseDirectory, "trusted")).mkdirs(); (new File(baseDirectory, "revoked")).mkdirs(); config[policyConfig.BaseDirectory.name()] = baseDirectory.Path; config[policyConfig.PrivateKey.name()] = sslResource.PrivateKey().Path; config[policyConfig.PublicCertificate.name()] = sslResource.PublicCertificate().Path; config[policyConfig.TrustedDir.name()] = sslResource.TrustedDirectory().Path; config[policyConfig.RevokedDir.name()] = sslResource.RevokedDirectory().Path; config[policyConfig.VerifyHostname.name()] = "false"; if (!string.ReferenceEquals(protocols, null)) { config[policyConfig.TlsVersions.name()] = protocols; } if (!string.ReferenceEquals(ciphers, null)) { config[policyConfig.Ciphers.name()] = ciphers; } SslPolicyLoader sslPolicyFactory = SslPolicyLoader.create(Config.fromSettings(config).build(), NullLogProvider.Instance); return(sslPolicyFactory.GetPolicy("default")); }
private void SetSslOptions() { // SSL Options should be set regardless of the type of the original request, // in case an http->https redirection occurs. // // While this does slow down the theoretical best path of the request the code // to decide that we need to register the callback is more complicated than, and // potentially more expensive than, just always setting the callback. SslProvider.SetSslOptions(this, _handler.ClientCertificateOptions); }
public SslPolicy(PrivateKey privateKey, X509Certificate[] keyCertChain, IList <string> tlsVersions, IList <string> ciphers, ClientAuth clientAuth, TrustManagerFactory trustManagerFactory, SslProvider sslProvider, bool verifyHostname, LogProvider logProvider) { this._privateKey = privateKey; this._keyCertChain = keyCertChain; this._tlsVersions = tlsVersions == null ? null : tlsVersions.ToArray(); this._ciphers = ciphers; this._clientAuth = clientAuth; this._trustManagerFactory = trustManagerFactory; this._sslProvider = sslProvider; this._verifyHostname = verifyHostname; this._log = logProvider.GetLog(typeof(SslPolicy)); }
public static SslPolicy MakeSslPolicy(SslResource sslResource, SslProvider sslProvider) { return(MakeSslPolicy(sslResource, sslProvider, null, null)); }
private SslPolicyLoader(Config config, LogProvider logProvider) { this._config = config; this._sslProvider = config.Get(SslSystemSettings.NettySslProvider); this._logProvider = logProvider; }