diff options
| author |  Vitaly Takmazov | 2018-09-05 22:46:23 +0300 |
|---|---|---|
| committer | Vitaly Takmazov | 2018-09-05 22:46:23 +0300 |
| commit | 3ad367ca8a9a11c026938459f7b852f6391bd341 (patch) | |
| tree | 263f1309e83c5dc5cd9b7e5cc97459f936d6895d /juick-server/src/main/java/com/juick/server/XMPPServer.java | |
| parent | 302200828e48932dba38dc36fd41dd23fb6dfc76 (diff) | |
KeystoreManager shares keystore between XMPP and ActivityPub
Diffstat (limited to 'juick-server/src/main/java/com/juick/server/XMPPServer.java')
| -rw-r--r-- | juick-server/src/main/java/com/juick/server/XMPPServer.java | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/juick-server/src/main/java/com/juick/server/XMPPServer.java b/juick-server/src/main/java/com/juick/server/XMPPServer.java index 675d79da..f2e41750 100644 --- a/juick-server/src/main/java/com/juick/server/XMPPServer.java +++ b/juick-server/src/main/java/com/juick/server/XMPPServer.java @@ -70,10 +70,6 @@ public class XMPPServer implements ConnectionListener { private Jid jid; @Value("${s2s_port:5269}") private int s2sPort; - @Value("${keystore:juick.p12}") - public String keystore; - @Value("${keystore_password:secret}") - public String keystorePassword; @Value("${broken_ssl_hosts:}") public String[] brokenSSLhosts; @Value("${banned_hosts:}") @@ -111,21 +107,17 @@ public class XMPPServer implements ConnectionListener { private BasicXmppSession session; @Inject private UserService userService; + @Inject + private KeystoreManager keystoreManager; @PostConstruct public void init() throws KeyStoreException { closeFlag.set(false); - KeyStore ks = KeyStore.getInstance("PKCS12"); - try (InputStream ksIs = new FileInputStream(keystore)) { - ks.load(ksIs, keystorePassword.toCharArray()); - KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory - .getDefaultAlgorithm()); - kmf.init(ks, keystorePassword.toCharArray()); + try { sc = SSLContext.getInstance("TLSv1.2"); - sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom()); + sc.init(keystoreManager.getKeymanagerFactory().getKeyManagers(), trustAllCerts, new SecureRandom()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - Set<TrustAnchor> ca = new HashSet<>(); trustManagerFactory.init((KeyStore)null); Arrays.stream(trustManagerFactory.getTrustManagers()).forEach(t -> Arrays.stream(((X509TrustManager)t).getAcceptedIssuers()).forEach(cert -> ca.add(new TrustAnchor(cert, null)))); |