aboutsummaryrefslogtreecommitdiff
path: root/juick-server/src/main/java/com/juick/server/XMPPServer.java
diff options
context:
space:
mode:
Diffstat (limited to 'juick-server/src/main/java/com/juick/server/XMPPServer.java')
-rw-r--r--juick-server/src/main/java/com/juick/server/XMPPServer.java16
1 files changed, 4 insertions, 12 deletions
diff --git a/juick-server/src/main/java/com/juick/server/XMPPServer.java b/juick-server/src/main/java/com/juick/server/XMPPServer.java
index 675d79da..f2e41750 100644
--- a/juick-server/src/main/java/com/juick/server/XMPPServer.java
+++ b/juick-server/src/main/java/com/juick/server/XMPPServer.java
@@ -70,10 +70,6 @@ public class XMPPServer implements ConnectionListener {
private Jid jid;
@Value("${s2s_port:5269}")
private int s2sPort;
- @Value("${keystore:juick.p12}")
- public String keystore;
- @Value("${keystore_password:secret}")
- public String keystorePassword;
@Value("${broken_ssl_hosts:}")
public String[] brokenSSLhosts;
@Value("${banned_hosts:}")
@@ -111,21 +107,17 @@ public class XMPPServer implements ConnectionListener {
private BasicXmppSession session;
@Inject
private UserService userService;
+ @Inject
+ private KeystoreManager keystoreManager;
@PostConstruct
public void init() throws KeyStoreException {
closeFlag.set(false);
- KeyStore ks = KeyStore.getInstance("PKCS12");
- try (InputStream ksIs = new FileInputStream(keystore)) {
- ks.load(ksIs, keystorePassword.toCharArray());
- KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
- .getDefaultAlgorithm());
- kmf.init(ks, keystorePassword.toCharArray());
+ try {
sc = SSLContext.getInstance("TLSv1.2");
- sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom());
+ sc.init(keystoreManager.getKeymanagerFactory().getKeyManagers(), trustAllCerts, new SecureRandom());
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-
Set<TrustAnchor> ca = new HashSet<>();
trustManagerFactory.init((KeyStore)null);
Arrays.stream(trustManagerFactory.getTrustManagers()).forEach(t -> Arrays.stream(((X509TrustManager)t).getAcceptedIssuers()).forEach(cert -> ca.add(new TrustAnchor(cert, null))));
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-04 22:23:15 +0000