[ANCHOR-836] Add configuration
event.queue.kafka.ssl_cert_verify
(#…
…1528) ### Description - Add configuration `event.queue.kafka.ssl_cert_verify` ### Context This flag is for dev and test environments where a valid CA may not be present.
Showing
9 changed files
with
256 additions
and
41 deletions.
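--- a/platform/src/main/java/org/stellar/anchor/platform/utils/TrustAllSslEngineFactory.java
+++ b/platform/src/main/java/org/stellar/anchor/platform/utils/TrustAllSslEngineFactory.java
@@ -0,0 +1,79 @@
+package org.stellar.anchor.platform.utils;
+
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.Map;
+import java.util.Set;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import org.apache.kafka.common.security.auth.SslEngineFactory;
+
+public class TrustAllSslEngineFactory implements SslEngineFactory {
+
+private final TrustManager TRUST_ALL_MANAGER =
+new X509TrustManager() {
+
+public X509Certificate[] getAcceptedIssuers() {
+return null;
+}
+
+public void checkClientTrusted(X509Certificate[] certs, String authType) {
+// empty
+}
+
+public void checkServerTrusted(X509Certificate[] certs, String authType) {
+// empty
+}
+};
+
+@Override
+public SSLEngine createClientSslEngine(
+String peerHost, int peerPort, String endpointIdentification) {
+TrustManager[] trustManagers = new TrustManager[] {TRUST_ALL_MANAGER};
+try {
+SSLContext sslContext = SSLContext.getInstance("SSL");
+sslContext.init(null, trustManagers, new SecureRandom());
+SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
+sslEngine.setUseClientMode(true);
+return sslEngine;
+} catch (NoSuchAlgorithmException | KeyManagementException e) {
+throw new RuntimeException(e);
+}
+}
+
+@Override
+public SSLEngine createServerSslEngine(String peerHost, int peerPort) {
+return null;
+}
+
+@Override
+public boolean shouldBeRebuilt(Map<String, Object> nextConfigs) {
+return false;
+}
+
+@Override
+public Set<String> reconfigurableConfigs() {
+return null;
+}
+
+@Override
+public KeyStore keystore() {
+return null;
+}
+
+@Override
+public KeyStore truststore() {
+return null;
+}
+
+@Override
+public void close() {}
+
+@Override
+public void configure(Map<String, ?> configs) {}
+}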
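Review bot: `createClientSslEngine` never uses its `endpointIdentification` argument, so on top of the empty `checkServerTrusted` the engine also skips hostname verification, and any certificate presented on the broker connection is accepted. Since the description limits this to dev and test, the class should carry a Javadoc saying so and `configure` should log a warning whenever this factory is active; whether the code that selects the factory refuses it in production cannot be seen from this file. I would also change the legacy protocol name to `SSLContext.getInstance("TLS")` and have `getAcceptedIssuers()` end with `return new X509Certificate[0];`, because the `X509TrustManager` contract documents a non-null array. `TRUST_ALL_MANAGER` is named like a constant but declared as an instance field, so `private static final` would match the name.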