Java Code Examples for io.vertx.core.http.HttpClientOptions#setSsl()

The following examples show how to use io.vertx.core.http.HttpClientOptions#setSsl(). Each example names the source file and project it was taken from. Note that setSsl(true) only switches TLS on; whether the server certificate and host name are actually verified depends on the trust settings configured next to it (setTrustAll, setVerifyHost, trust stores).
Example 1
Source File: MyResource.java    From redpipe with Apache License 2.0 6 votes vote down vote up
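/**
 * Fetches {@code /robots.txt} from www.google.com over TLS and relays the body to the
 * suspended JAX-RS response.
 *
 * <p>TLS is enabled with certificate-chain and host-name verification left on. The body
 * received from the remote server is passed straight back to the caller, so accepting any
 * certificate ({@code setTrustAll(true)}) or skipping the host-name check
 * ({@code setVerifyHost(false)}) would let anyone on the network path substitute that body.
 *
 * @param asyncResponse suspended response; resumed with the body on success or with the
 *        failure if the request cannot be completed
 * @param vertx the injected Vert.x instance used to create the HTTP client
 */
@Path("3")
@GET
public void hello3(@Suspended final AsyncResponse asyncResponse,
	      // Inject the Vertx instance
	      @Context Vertx vertx){
	System.err.println("Creating client");
	HttpClientOptions options = new HttpClientOptions();
	options.setSsl(true);
	// Stated explicitly for readers: validate the certificate chain against the default
	// trust store and check that the certificate matches the host we connect to.
	options.setTrustAll(false);
	options.setVerifyHost(true);
	HttpClient client = vertx.createHttpClient(options);
	client.get(443,
			"www.google.com",
			"/robots.txt",
			resp -> {
				System.err.println("Got response");
				resp.bodyHandler(body -> {
					System.err.println("Got body");
					asyncResponse.resume(Response.ok(body.toString()).build());
				});
			})
		// Without this, a connection or TLS handshake failure would leave the
		// suspended response hanging until it times out.
		.exceptionHandler(failure -> {
			System.err.println("Request failed");
			asyncResponse.resume(failure);
		})
		.end();
	System.err.println("Created client");
}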
 
Example 2
Source File: ProxyVerticle.java    From quarantyne with Apache License 2.0 5 votes vote down vote up
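/**
 * Starts the proxy: creates the ingress HTTP server, the egress HTTP client and the
 * {@code Bouncer}, then begins listening on the configured ingress address.
 *
 * <p>The egress client enables TLS only when the egress configuration says so. No trust
 * options are set here, so Vert.x's default certificate and host-name verification applies
 * to the egress connection.
 *
 * @param startFuture completed once the server is listening, failed with the cause if the
 *        server cannot be started
 */
@Override
public void start(Future<Void> startFuture) {
  this.bouncer = new Bouncer(vertx, configSupplier, configArgs);
  // proxy server (this server)
  HttpServerOptions httpServerOptions = new HttpServerOptions();
  httpServerOptions.setHost(configArgs.getIngress().getIp());
  httpServerOptions.setUsePooledBuffers(true);
  HttpServer httpServer = vertx.createHttpServer(httpServerOptions);

  // http client to remote
  HttpClientOptions httpClientOptions = new HttpClientOptions();
  httpClientOptions.setKeepAlive(true);
  // NOTE(review): activity logging is switched on for every egress connection; confirm
  // the log destination is acceptable for the traffic being proxied.
  httpClientOptions.setLogActivity(true);

  if (configArgs.getEgress().isSsl()) {
    httpClientOptions.setSsl(true);
  }
  httpClientOptions.setDefaultHost(configArgs.getEgress().getHost());
  httpClientOptions.setDefaultPort(configArgs.getEgress().getPort());

  this.httpClient = vertx.createHttpClient(httpClientOptions);

  httpServer.requestHandler(frontReq -> {
    // Only POST and PUT have their body collected before the request is forwarded.
    if (frontReq.method().equals(HttpMethod.POST) || frontReq.method().equals(HttpMethod.PUT)) {
      frontReq.bodyHandler(reqBody -> {
        proxiedRequestHandler(frontReq, reqBody);
      });
    } else {
      proxiedRequestHandler(frontReq, null);
    }
  }).exceptionHandler(ex -> {
    log.error("HTTP server error", ex);
  }).listen(configArgs.getIngress().getPort(), configArgs.getIngress().getIp(), h -> {
    if (h.failed()) {
      log.error("proxy failed to start", h.cause());
      startFuture.fail(h.cause());
    } else {
      // Signal a successful start; otherwise the deployment is never reported as complete.
      startFuture.complete();
    }
  });
}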
 
Example 3
Source File: Bouncer.java    From quarantyne with Apache License 2.0 5 votes vote down vote up
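/**
 * Creates a bouncer and the HTTP client it uses to fetch the "blocked request" page.
 *
 * <p>If the configured blocked page is an absolute {@code http}/{@code https} URL, its
 * protocol, host and port replace the configured egress and its path becomes the request
 * path. Otherwise the value is used as a path on the configured egress. If the URL cannot
 * be parsed, the configured egress is kept and the path falls back to {@code /}.
 *
 * <p>TLS is enabled on the client when the resulting egress reports SSL. No trust options
 * are set, so Vert.x's default certificate and host-name verification applies.
 *
 * @param vertx the Vert.x instance used to create the HTTP client
 * @param configSupplier supplies the current configuration; read once here for the
 *        blocked page location
 * @param configArgs start-up arguments providing the default egress
 */
public Bouncer(Vertx vertx, Supplier<Config> configSupplier, ConfigArgs configArgs) {

    this.configSupplier = configSupplier;
    this.configArgs = configArgs;

    String blockedPage = configSupplier.get().getBlockedRequestPage();
    egressUrl = configArgs.getEgress();
    path = null;
    // A value starting with "http" cannot also start with "/", so one check is enough.
    if (blockedPage.startsWith("http")) {
      try {
        URL url = new URL(blockedPage);
        int port = url.getPort();
        if (port < 0) {
          // No explicit port: 443 for https, 80 for http.
          port = url.getDefaultPort();
        }
        egressUrl = new EgressUrl(url.getProtocol(), url.getHost(), port);
        path = url.getPath();
      } catch (MalformedURLException ex) {
        path = "/";
        // Keep the cause so a misconfigured blocked-page URL can be diagnosed from the log.
        log.error("cannot parse bounced page URL, defaulting to remote /", ex);
      }
    } else {
      path = blockedPage;
    }

    HttpClientOptions httpClientOptions = new HttpClientOptions();
    httpClientOptions.setKeepAlive(true);
    if (egressUrl.isSsl()) {
      httpClientOptions.setSsl(true);
    }

    this.httpClient = vertx.createHttpClient(httpClientOptions);
}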
 
Example 4
Source File: MyResource.java    From redpipe with Apache License 2.0 5 votes vote down vote up
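/**
 * Reactive variant: requests {@code /robots.txt} from www.google.com over TLS through the
 * RxJava-wrapped Vert.x client and resumes the suspended JAX-RS response.
 *
 * <p>TLS is enabled with certificate-chain and host-name verification left on; whatever the
 * remote end returns is relayed to the caller, so the server must be authenticated.
 *
 * @param asyncResponse suspended response; resumed from the subscriber, or with the failure
 *        if the observable signals an error
 * @param vertx the injected Vert.x instance, wrapped into its reactive counterpart
 */
@Path("5")
@GET
public void hello5(@Suspended final AsyncResponse asyncResponse,
	      // Inject the Vertx instance
	      @Context Vertx vertx){
	io.vertx.reactivex.core.Vertx rxVertx = io.vertx.reactivex.core.Vertx.newInstance(vertx);
	System.err.println("Creating client");
	HttpClientOptions options = new HttpClientOptions();
	options.setSsl(true);
	// Stated explicitly for readers: validate the certificate chain against the default
	// trust store and check that the certificate matches the host we connect to.
	options.setTrustAll(false);
	options.setVerifyHost(true);
	io.vertx.reactivex.core.http.HttpClient client = rxVertx.createHttpClient(options);
	// DOES NOT WORK: https://github.com/vert-x3/vertx-rx/issues/13
	Observable<io.vertx.reactivex.core.http.HttpClientResponse> responseHandler = client.get(443,
			"www.google.com", 
			"/robots.txt").toObservable();

	// NOTE(review): map() appears to yield a nested Observable here, so "body" below is
	// probably an Observable rather than the payload; flatMap may be what was intended.
	// Confirm against the issue linked above before relying on this example.
	responseHandler.map(resp -> {
		System.err.println("Got response");
		return resp.toObservable(); 
	})
	.subscribe(body -> {
		System.err.println("Got body");
		asyncResponse.resume(Response.ok(body.toString()).build());
	}, failure -> {
		// Resume with the error so a failed connection or handshake does not leave
		// the suspended response hanging.
		System.err.println("Request failed");
		asyncResponse.resume(failure);
	});
	
	System.err.println("Created client");
}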
 
Example 5
Source File: EventBusBridgeWebsocketClientVerticle.java    From vertx-mqtt-broker with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the HTTP client for the event-bus-to-WebSocket bridge and stores it in
 * {@code netClient}.
 *
 * <p>TLS is switched on when {@code ssl_enabled} is set, or when a client key, client
 * certificate and trust certificate are all configured. In the latter case the PEM key and
 * certificate are presented as the client identity, the trust certificate is installed as
 * the trust anchor, and {@code tenant} is read from the client certificate. With only
 * {@code ssl_enabled} set, no trust options are configured here.
 */
private void createClient() {
    // [WebSocket <- BUS] listen BUS write to WebSocket
    final boolean hasPemMaterial = ssl_cert_key != null && ssl_cert != null && ssl_trust != null;

    HttpClientOptions clientOptions = new HttpClientOptions();
    // The Vert.x default connect timeout is 60000 ms; the configured value replaces it.
    clientOptions.setConnectTimeout(connectTimeout);
    clientOptions.setTcpKeepAlive(true);
    clientOptions.setIdleTimeout(idleTimeout);

    if (ssl_enabled || hasPemMaterial) {
        clientOptions.setSsl(true);
    }

    if (hasPemMaterial) {
        PemKeyCertOptions clientIdentity = new PemKeyCertOptions();
        clientIdentity.setKeyPath(ssl_cert_key);
        clientIdentity.setCertPath(ssl_cert);

        PemTrustOptions trustedCerts = new PemTrustOptions();
        trustedCerts.addCertPath(ssl_trust);

        clientOptions.setPemKeyCertOptions(clientIdentity);
        clientOptions.setPemTrustOptions(trustedCerts);

        tenant = new CertInfo(ssl_cert).getTenant();
    }

    netClient = vertx.createHttpClient(clientOptions);
}
 
Example 6
Source File: HttpClientOptionsFactory.java    From apiman with Apache License 2.0 5 votes vote down vote up
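/**
 * Translates gateway TLS settings into Vert.x {@link HttpClientOptions} for one API endpoint.
 *
 * <p>An {@code http} endpoint (scheme compared case-insensitively, as URI schemes are)
 * gets a plain-text client and nothing else is applied. Any other scheme, including a
 * missing one, gets TLS.
 *
 * <p>Security-relevant behaviour visible here:
 * <ul>
 *   <li>{@code trustSelfSigned} or {@code devMode} turns on {@code trustAll}, which makes
 *       the client accept <em>any</em> server certificate, not only self-signed ones.</li>
 *   <li>{@code allowAnyHost} or {@code devMode} turns host-name verification off.</li>
 *   <li>Allowed TLS protocol versions are not applied; the request is only logged.</li>
 * </ul>
 *
 * @param tlsOptions the configured TLS settings
 * @param apiEndpoint the endpoint the client will connect to; its scheme selects TLS
 * @return client options reflecting the settings above
 */
public static HttpClientOptions parseTlsOptions(TLSOptions tlsOptions, URI apiEndpoint) {
    HttpClientOptions clientOptions = new HttpClientOptions();

    // Constant-first, case-insensitive comparison: "HTTP://..." is still plain HTTP, and a
    // URI without a scheme no longer throws but falls through to the TLS branch.
    if ("http".equalsIgnoreCase(apiEndpoint.getScheme())) { //$NON-NLS-1$
        return clientOptions.setSsl(false);
    }
    clientOptions.setSsl(true);

    // Either flag in each pair weakens server authentication; see the method Javadoc.
    clientOptions.setTrustAll(tlsOptions.isTrustSelfSigned() || tlsOptions.isDevMode())
        .setVerifyHost(!(tlsOptions.isAllowAnyHost() || tlsOptions.isDevMode()));

    if (tlsOptions.getTrustStore() != null) {
        clientOptions.setTrustStoreOptions(
            new JksOptions().setPath(tlsOptions.getTrustStore()).setPassword(tlsOptions.getTrustStorePassword())
        );
    }

    // A key store, when configured, supplies the client certificate.
    if (tlsOptions.getKeyStore() != null) {
        clientOptions.setKeyStoreOptions(
            new JksOptions().setPath(tlsOptions.getKeyStore()).setPassword(tlsOptions.getKeyStorePassword())
        );
    }

    if (tlsOptions.getAllowedCiphers() != null) {
        String[] ciphers = arrayDifference(tlsOptions.getAllowedCiphers(), tlsOptions.getDisallowedCiphers(), getDefaultCipherSuites());
        for (String cipher : ciphers) {
            clientOptions.addEnabledCipherSuite(cipher);
        }
    }

    if (tlsOptions.getAllowedProtocols() != null) {
        log.info("Can't set allowed protocols on Vert.x gateway"); //$NON-NLS-1$
    }

    return clientOptions;
}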
 
Example 7
Source File: NodeHttpClientBuilder.java    From orion with Apache License 2.0 4 votes vote down vote up
/**
 * Creates the HTTP client used for node-to-node calls.
 *
 * <p>The connect and idle timeouts are both set to {@code clientTimeoutMs}. TLS settings
 * are applied only when {@code config.tls()} is {@code "strict"}; any other value returns a
 * client with no TLS configuration at all.
 *
 * <p>In strict mode the client presents the configured PEM certificate and key, trusts the
 * configured chain certificates if there are any, and then applies the trust mode named by
 * {@code config.tlsClientTrust()}. The modes prefixed {@code insecure-} all map to
 * fingerprint recording; {@code "insecure-no-validation"} shares the branch of
 * {@code "insecure-record"}.
 *
 * @param vertx the Vert.x instance that creates the client
 * @param config node configuration providing TLS mode, file locations and trust mode
 * @param clientTimeoutMs connect and idle timeout value
 * @return the configured HTTP client
 * @throws UnsupportedOperationException if the trust mode is not one of the known values
 */
public static HttpClient build(final Vertx vertx, final Config config, final int clientTimeoutMs) {
  final HttpClientOptions clientOptions = new HttpClientOptions();
  clientOptions.setConnectTimeout(clientTimeoutMs);
  clientOptions.setIdleTimeout(clientTimeoutMs);
  clientOptions.setMaxWaitQueueSize(MAX_WAIT_QUEUE_SIZE);

  // Anything other than "strict" means: no TLS settings on this client.
  if (!"strict".equals(config.tls())) {
    return vertx.createHttpClient(clientOptions);
  }

  // Client identity: certificate and key are resolved relative to the work directory.
  final Path baseDir = config.workDir();
  final String certFile = baseDir.resolve(config.tlsClientCert()).toString();
  final String keyFile = baseDir.resolve(config.tlsClientKey()).toString();

  clientOptions.setSsl(true);
  clientOptions.setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath(keyFile).setCertPath(certFile));

  if (!config.tlsClientChain().isEmpty()) {
    final PemTrustOptions chainTrust = new PemTrustOptions();
    for (final Path chainCert : config.tlsClientChain()) {
      chainTrust.addCertPath(chainCert.toAbsolutePath().toString());
    }
    clientOptions.setPemTrustOptions(chainTrust);
  }

  // Server trust policy; the boolean passed to each factory is true for the "ca-or-*" modes.
  final Path knownServers = config.tlsKnownServers();
  final String trustMode = config.tlsClientTrust();
  switch (trustMode) {
    case "ca":
      // CA validation only: keep whatever trust options are already in place.
      break;
    case "whitelist":
      clientOptions.setTrustOptions(VertxTrustOptions.whitelistServers(knownServers, false));
      break;
    case "ca-or-whitelist":
      clientOptions.setTrustOptions(VertxTrustOptions.whitelistServers(knownServers, true));
      break;
    case "tofu":
      clientOptions.setTrustOptions(VertxTrustOptions.trustServerOnFirstUse(knownServers, false));
      break;
    case "ca-or-tofu":
      clientOptions.setTrustOptions(VertxTrustOptions.trustServerOnFirstUse(knownServers, true));
      break;
    case "insecure-no-validation":
    case "insecure-record":
      clientOptions.setTrustOptions(VertxTrustOptions.recordServerFingerprints(knownServers, false));
      break;
    case "insecure-ca-or-record":
      clientOptions.setTrustOptions(VertxTrustOptions.recordServerFingerprints(knownServers, true));
      break;
    default:
      throw new UnsupportedOperationException(
          "\"" + trustMode + "\" option for tlsclienttrust is not supported");
  }

  return vertx.createHttpClient(clientOptions);
}