mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

vharseko
12.16.2019 c23933a56ed2a7d3cb804e2cf14b78db9bcb6140
generate selfsigned ssl server cert for SSL tests with not anonymous SSL
ciphers
1 files modified
29 ■■■■■ changed files
opendj-core/src/test/java/org/forgerock/opendj/ldap/LDAPServer.java 29 ●●●●●
opendj-core/src/test/java/org/forgerock/opendj/ldap/LDAPServer.java
@@ -23,6 +23,8 @@
import java.io.IOException;
import java.net.InetSocketAddress;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
@@ -31,6 +33,7 @@
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.security.auth.callback.Callback;
@@ -74,6 +77,9 @@
import com.forgerock.opendj.ldap.controls.AccountUsabilityResponseControl;
import com.forgerock.reactive.ServerConnectionFactoryAdapter;
import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.x509.X500Name;
/**
 * A simple ldap server that manages 1000 entries and used for running
 * testcases.
@@ -404,6 +410,7 @@
            }
        }
        @Override
        public void handleModify(final Integer context, final ModifyRequest request,
                final IntermediateResponseHandler intermediateResponseHandler,
@@ -472,7 +479,7 @@
     */
    private final ConcurrentHashMap<Integer, AbandonableRequest> requestsInProgress = new ConcurrentHashMap<>();
    private SSLContext sslContext;
    private static SSLContext sslContext;
    private LDAPServer() {
        // Add the root dse first.
@@ -509,6 +516,25 @@
        return isRunning;
    }
    static {
        final String password="keypassword";
        try {
            CertAndKeyGen keyGen=new CertAndKeyGen("RSA","SHA1WithRSA",null);
            keyGen.generate(2048);
            X509Certificate[] chain=new X509Certificate[1];
            chain[0]=keyGen.getSelfCertificate(new X500Name("CN=localhost"), (long)1*3600);
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(null, null);
            ks.setKeyEntry("localhost", keyGen.getPrivateKey(),password.toCharArray(), chain);
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, password.toCharArray());
            sslContext = new SSLContextBuilder().setKeyManager(kmf.getKeyManagers()[0]).getSSLContext();
        }catch (Exception e) {
            new RuntimeException("generate self-signed certificate",e);
        }
    }
    /**
     * Starts the server.
     *
@@ -518,7 +544,6 @@
        if (isRunning) {
            return;
        }
        sslContext = new SSLContextBuilder().getSSLContext();
        listener = new LDAPListener(Collections.singleton(loopbackWithDynamicPort()),
                new ServerConnectionFactoryAdapter(Options.defaultOptions().get(LDAP_DECODE_OPTIONS),
                        getInstance()),
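Review bot: The catch block of the new static initializer builds `new RuntimeException("generate self-signed certificate",e);` but never throws it, so a failure in key or certificate generation is discarded and `sslContext` stays null. The last hunk appears to drop the per-start assignment `sslContext = new SSLContextBuilder().getSSLContext();`, so the failure would only surface later, far from its cause; change the line to `throw new RuntimeException("generate self-signed certificate", e);`. The certificate is signed with `"SHA1WithRSA"`, which newer JDK security policies increasingly restrict, so `"SHA256WithRSA"` is the safer choice even for a test fixture. `CertAndKeyGen` and `X500Name` are `sun.*` internals that modular JDKs do not export, so the test build likely needs an `--add-exports` flag or a supported certificate API. The one-hour validity (`(long)1*3600`) is fixed at class load and could expire during a long test run.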