Java Code Examples for org.apache.rocketmq.remoting.common.TlsMode#ENFORCING

The following examples show how to use org.apache.rocketmq.remoting.common.TlsMode#ENFORCING . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: NettyRemotingServer.java    From DDMQ with Apache License 2.0 4 votes vote down vote up
@Override
protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {

    // mark the current position so that we can peek the first byte to determine if the content is starting with
    // TLS handshake
    msg.markReaderIndex();

    byte b = msg.getByte(0);

    if (b == HANDSHAKE_MAGIC_CODE) {
        switch (tlsMode) {
            case DISABLED:
                ctx.close();
                log.warn("Clients intend to establish a SSL connection while this server is running in SSL disabled mode");
                break;
            case PERMISSIVE:
            case ENFORCING:
                if (null != sslContext) {
                    ctx.pipeline()
                        .addAfter(defaultEventExecutorGroup, HANDSHAKE_HANDLER_NAME, TLS_HANDLER_NAME, sslContext.newHandler(ctx.channel().alloc()))
                        .addAfter(defaultEventExecutorGroup, TLS_HANDLER_NAME, FILE_REGION_ENCODER_NAME, new FileRegionEncoder());
                    log.info("Handlers prepended to channel pipeline to establish SSL connection");
                } else {
                    ctx.close();
                    log.error("Trying to establish a SSL connection but sslContext is null");
                }
                break;

            default:
                log.warn("Unknown TLS mode");
                break;
        }
    } else if (tlsMode == TlsMode.ENFORCING) {
        ctx.close();
        log.warn("Clients intend to establish an insecure connection while this server is running in SSL enforcing mode");
    }

    // reset the reader index so that handshake negotiation may proceed as normal.
    msg.resetReaderIndex();

    try {
        // Remove this handler
        ctx.pipeline().remove(this);
    } catch (NoSuchElementException e) {
        log.error("Error while removing HandshakeHandler", e);
    }

    // Hand over this message to the next .
    ctx.fireChannelRead(msg.retain());
}
 
Example 2
Source File: TlsTest.java    From DDMQ with Apache License 2.0 4 votes vote down vote up
@Before
public void setUp() throws InterruptedException {
    tlsMode = TlsMode.ENFORCING;
    tlsTestModeEnable = false;
    tlsServerNeedClientAuth = "require";
    tlsServerKeyPath = getCertsPath("server.key");
    tlsServerCertPath = getCertsPath("server.pem");
    tlsServerAuthClient = true;
    tlsServerTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPath = getCertsPath("client.key");
    tlsClientCertPath = getCertsPath("client.pem");
    tlsClientAuthServer = true;
    tlsClientTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPassword = "1234";
    tlsServerKeyPassword = "";

    NettyClientConfig clientConfig = new NettyClientConfig();
    clientConfig.setUseTLS(true);

    if ("serverRejectsUntrustedClientCert".equals(name.getMethodName())) {
        // Create a client. Its credentials come from a CA that the server does not trust. The client
        // trusts both test CAs to ensure the handshake failure is due to the server rejecting the client's cert.
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
    } else if ("serverAcceptsUntrustedClientCert".equals(name.getMethodName())) {
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
        tlsServerAuthClient = false;
    }
    else if ("noClientAuthFailure".equals(name.getMethodName())) {
        //Clear the client cert config to ensure produce the handshake error
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("clientRejectsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
    } else if ("clientAcceptsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
        tlsClientAuthServer = false;
    } else if ("serverNotNeedClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "none";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverWantClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
    } else if ("serverWantClientAuth_ButClientNoCert".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverAcceptsUnAuthClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.PERMISSIVE;
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
        clientConfig.setUseTLS(false);
    } else if ("serverRejectsSSLClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.DISABLED;
    }

    remotingServer = RemotingServerTest.createRemotingServer();
    remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
}
 
Example 3
Source File: NettyRemotingServer.java    From rocketmq-4.3.0 with Apache License 2.0 4 votes vote down vote up
@Override
protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {

    // mark the current position so that we can peek the first byte to determine if the content is starting with
    // TLS handshake
    msg.markReaderIndex();

    byte b = msg.getByte(0);

    if (b == HANDSHAKE_MAGIC_CODE) {
        switch (tlsMode) {
            case DISABLED:
                ctx.close();
                log.warn("Clients intend to establish a SSL connection while this server is running in SSL disabled mode");
                break;
            case PERMISSIVE:
            case ENFORCING:
                if (null != sslContext) {
                    ctx.pipeline()
                        .addAfter(defaultEventExecutorGroup, HANDSHAKE_HANDLER_NAME, TLS_HANDLER_NAME, sslContext.newHandler(ctx.channel().alloc()))
                        .addAfter(defaultEventExecutorGroup, TLS_HANDLER_NAME, FILE_REGION_ENCODER_NAME, new FileRegionEncoder());
                    log.info("Handlers prepended to channel pipeline to establish SSL connection");
                } else {
                    ctx.close();
                    log.error("Trying to establish a SSL connection but sslContext is null");
                }
                break;

            default:
                log.warn("Unknown TLS mode");
                break;
        }
    } else if (tlsMode == TlsMode.ENFORCING) {
        ctx.close();
        log.warn("Clients intend to establish an insecure connection while this server is running in SSL enforcing mode");
    }

    // reset the reader index so that handshake negotiation may proceed as normal.
    msg.resetReaderIndex();

    try {
        // Remove this handler
        ctx.pipeline().remove(this);
    } catch (NoSuchElementException e) {
        log.error("Error while removing HandshakeHandler", e);
    }

    // Hand over this message to the next .
    ctx.fireChannelRead(msg.retain());
}
 
Example 4
Source File: TlsTest.java    From rocketmq-4.3.0 with Apache License 2.0 4 votes vote down vote up
@Before
public void setUp() throws InterruptedException {
    tlsMode = TlsMode.ENFORCING;
    tlsTestModeEnable = false;
    tlsServerNeedClientAuth = "require";
    tlsServerKeyPath = getCertsPath("server.key");
    tlsServerCertPath = getCertsPath("server.pem");
    tlsServerAuthClient = true;
    tlsServerTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPath = getCertsPath("client.key");
    tlsClientCertPath = getCertsPath("client.pem");
    tlsClientAuthServer = true;
    tlsClientTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPassword = "1234";
    tlsServerKeyPassword = "";

    NettyClientConfig clientConfig = new NettyClientConfig();
    clientConfig.setUseTLS(true);

    if ("serverRejectsUntrustedClientCert".equals(name.getMethodName())) {
        // Create a client. Its credentials come from a CA that the server does not trust. The client
        // trusts both test CAs to ensure the handshake failure is due to the server rejecting the client's cert.
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
    } else if ("serverAcceptsUntrustedClientCert".equals(name.getMethodName())) {
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
        tlsServerAuthClient = false;
    }
    else if ("noClientAuthFailure".equals(name.getMethodName())) {
        //Clear the client cert config to ensure produce the handshake error
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("clientRejectsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
    } else if ("clientAcceptsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
        tlsClientAuthServer = false;
    } else if ("serverNotNeedClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "none";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverWantClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
    } else if ("serverWantClientAuth_ButClientNoCert".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverAcceptsUnAuthClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.PERMISSIVE;
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
        clientConfig.setUseTLS(false);
    } else if ("serverRejectsSSLClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.DISABLED;
    } else if ("reloadSslContextForServer".equals(name.getMethodName())) {
        tlsClientAuthServer = false;
        tlsServerNeedClientAuth = "none";
    }

    remotingServer = RemotingServerTest.createRemotingServer();
    remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
}
 
Example 5
Source File: NettyRemotingServer.java    From rocketmq-read with Apache License 2.0 4 votes vote down vote up
@Override
protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {

    // mark the current position so that we can peek the first byte to determine if the content is starting with
    // TLS handshake
    msg.markReaderIndex();

    byte b = msg.getByte(0);

    if (b == HANDSHAKE_MAGIC_CODE) {
        switch (tlsMode) {
            case DISABLED:
                ctx.close();
                log.warn("Clients intend to establish a SSL connection while this server is running in SSL disabled mode");
                break;
            case PERMISSIVE:
            case ENFORCING:
                if (null != sslContext) {
                    ctx.pipeline()
                        .addAfter(defaultEventExecutorGroup, HANDSHAKE_HANDLER_NAME, TLS_HANDLER_NAME, sslContext.newHandler(ctx.channel().alloc()))
                        .addAfter(defaultEventExecutorGroup, TLS_HANDLER_NAME, FILE_REGION_ENCODER_NAME, new FileRegionEncoder());
                    log.info("Handlers prepended to channel pipeline to establish SSL connection");
                } else {
                    ctx.close();
                    log.error("Trying to establish a SSL connection but sslContext is null");
                }
                break;

            default:
                log.warn("Unknown TLS mode");
                break;
        }
    } else if (tlsMode == TlsMode.ENFORCING) {
        ctx.close();
        log.warn("Clients intend to establish an insecure connection while this server is running in SSL enforcing mode");
    }

    // reset the reader index so that handshake negotiation may proceed as normal.
    msg.resetReaderIndex();

    try {
        // Remove this handler
        ctx.pipeline().remove(this);
    } catch (NoSuchElementException e) {
        log.error("Error while removing HandshakeHandler", e);
    }

    // Hand over this message to the next .
    ctx.fireChannelRead(msg.retain());
}
 
Example 6
Source File: TlsTest.java    From rocketmq-read with Apache License 2.0 4 votes vote down vote up
@Before
public void setUp() throws InterruptedException {
    tlsMode = TlsMode.ENFORCING;
    tlsTestModeEnable = false;
    tlsServerNeedClientAuth = "require";
    tlsServerKeyPath = getCertsPath("server.key");
    tlsServerCertPath = getCertsPath("server.pem");
    tlsServerAuthClient = true;
    tlsServerTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPath = getCertsPath("client.key");
    tlsClientCertPath = getCertsPath("client.pem");
    tlsClientAuthServer = true;
    tlsClientTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPassword = "1234";
    tlsServerKeyPassword = "";

    NettyClientConfig clientConfig = new NettyClientConfig();
    clientConfig.setUseTLS(true);

    if ("serverRejectsUntrustedClientCert".equals(name.getMethodName())) {
        // Create a client. Its credentials come from a CA that the server does not trust. The client
        // trusts both test CAs to ensure the handshake failure is due to the server rejecting the client's cert.
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
    } else if ("serverAcceptsUntrustedClientCert".equals(name.getMethodName())) {
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
        tlsServerAuthClient = false;
    }
    else if ("noClientAuthFailure".equals(name.getMethodName())) {
        //Clear the client cert config to ensure produce the handshake error
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("clientRejectsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
    } else if ("clientAcceptsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
        tlsClientAuthServer = false;
    } else if ("serverNotNeedClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "none";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverWantClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
    } else if ("serverWantClientAuth_ButClientNoCert".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverAcceptsUnAuthClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.PERMISSIVE;
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
        clientConfig.setUseTLS(false);
    } else if ("serverRejectsSSLClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.DISABLED;
    } else if ("reloadSslContextForServer".equals(name.getMethodName())) {
        tlsClientAuthServer = false;
        tlsServerNeedClientAuth = "none";
    }

    remotingServer = RemotingServerTest.createRemotingServer();
    remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
}
 
Example 7
Source File: NettyRemotingServer.java    From DDMQ with Apache License 2.0 4 votes vote down vote up
@Override
protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {

    // mark the current position so that we can peek the first byte to determine if the content is starting with
    // TLS handshake
    msg.markReaderIndex();

    byte b = msg.getByte(0);

    if (b == HANDSHAKE_MAGIC_CODE) {
        switch (tlsMode) {
            case DISABLED:
                ctx.close();
                log.warn("Clients intend to establish a SSL connection while this server is running in SSL disabled mode");
                break;
            case PERMISSIVE:
            case ENFORCING:
                if (null != sslContext) {
                    ctx.pipeline()
                        .addAfter(defaultEventExecutorGroup, HANDSHAKE_HANDLER_NAME, TLS_HANDLER_NAME, sslContext.newHandler(ctx.channel().alloc()))
                        .addAfter(defaultEventExecutorGroup, TLS_HANDLER_NAME, FILE_REGION_ENCODER_NAME, new FileRegionEncoder());
                    log.info("Handlers prepended to channel pipeline to establish SSL connection");
                } else {
                    ctx.close();
                    log.error("Trying to establish a SSL connection but sslContext is null");
                }
                break;

            default:
                log.warn("Unknown TLS mode");
                break;
        }
    } else if (tlsMode == TlsMode.ENFORCING) {
        ctx.close();
        log.warn("Clients intend to establish an insecure connection while this server is running in SSL enforcing mode");
    }

    // reset the reader index so that handshake negotiation may proceed as normal.
    msg.resetReaderIndex();

    try {
        // Remove this handler
        ctx.pipeline().remove(this);
    } catch (NoSuchElementException e) {
        log.error("Error while removing HandshakeHandler", e);
    }

    // Hand over this message to the next .
    ctx.fireChannelRead(msg.retain());
}
 
Example 8
Source File: TlsTest.java    From DDMQ with Apache License 2.0 4 votes vote down vote up
@Before
public void setUp() throws InterruptedException {
    tlsMode = TlsMode.ENFORCING;
    tlsTestModeEnable = false;
    tlsServerNeedClientAuth = "require";
    tlsServerKeyPath = getCertsPath("server.key");
    tlsServerCertPath = getCertsPath("server.pem");
    tlsServerAuthClient = true;
    tlsServerTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPath = getCertsPath("client.key");
    tlsClientCertPath = getCertsPath("client.pem");
    tlsClientAuthServer = true;
    tlsClientTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPassword = "1234";
    tlsServerKeyPassword = "";

    NettyClientConfig clientConfig = new NettyClientConfig();
    clientConfig.setUseTLS(true);

    if ("serverRejectsUntrustedClientCert".equals(name.getMethodName())) {
        // Create a client. Its credentials come from a CA that the server does not trust. The client
        // trusts both test CAs to ensure the handshake failure is due to the server rejecting the client's cert.
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
    } else if ("serverAcceptsUntrustedClientCert".equals(name.getMethodName())) {
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
        tlsServerAuthClient = false;
    }
    else if ("noClientAuthFailure".equals(name.getMethodName())) {
        //Clear the client cert config to ensure produce the handshake error
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("clientRejectsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
    } else if ("clientAcceptsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
        tlsClientAuthServer = false;
    } else if ("serverNotNeedClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "none";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverWantClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
    } else if ("serverWantClientAuth_ButClientNoCert".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverAcceptsUnAuthClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.PERMISSIVE;
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
        clientConfig.setUseTLS(false);
    } else if ("serverRejectsSSLClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.DISABLED;
    }

    remotingServer = RemotingServerTest.createRemotingServer();
    remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
}
 
Example 9
Source File: NettyRemotingServer.java    From rocketmq with Apache License 2.0 4 votes vote down vote up
@Override
protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {

    // mark the current position so that we can peek the first byte to determine if the content is starting with
    // TLS handshake
    msg.markReaderIndex();

    byte b = msg.getByte(0);

    if (b == HANDSHAKE_MAGIC_CODE) {
        switch (tlsMode) {
            case DISABLED:
                ctx.close();
                log.warn("Clients intend to establish an SSL connection while this server is running in SSL disabled mode");
                break;
            case PERMISSIVE:
            case ENFORCING:
                if (null != sslContext) {
                    ctx.pipeline()
                        .addAfter(defaultEventExecutorGroup, HANDSHAKE_HANDLER_NAME, TLS_HANDLER_NAME, sslContext.newHandler(ctx.channel().alloc()))
                        .addAfter(defaultEventExecutorGroup, TLS_HANDLER_NAME, FILE_REGION_ENCODER_NAME, new FileRegionEncoder());
                    log.info("Handlers prepended to channel pipeline to establish SSL connection");
                } else {
                    ctx.close();
                    log.error("Trying to establish an SSL connection but sslContext is null");
                }
                break;

            default:
                log.warn("Unknown TLS mode");
                break;
        }
    } else if (tlsMode == TlsMode.ENFORCING) {
        ctx.close();
        log.warn("Clients intend to establish an insecure connection while this server is running in SSL enforcing mode");
    }

    // reset the reader index so that handshake negotiation may proceed as normal.
    msg.resetReaderIndex();

    try {
        // Remove this handler
        ctx.pipeline().remove(this);
    } catch (NoSuchElementException e) {
        log.error("Error while removing HandshakeHandler", e);
    }

    // Hand over this message to the next .
    ctx.fireChannelRead(msg.retain());
}
 
Example 10
Source File: TlsTest.java    From rocketmq with Apache License 2.0 4 votes vote down vote up
@Before
public void setUp() throws InterruptedException {
    tlsMode = TlsMode.ENFORCING;
    tlsTestModeEnable = false;
    tlsServerNeedClientAuth = "require";
    tlsServerKeyPath = getCertsPath("server.key");
    tlsServerCertPath = getCertsPath("server.pem");
    tlsServerAuthClient = true;
    tlsServerTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPath = getCertsPath("client.key");
    tlsClientCertPath = getCertsPath("client.pem");
    tlsClientAuthServer = true;
    tlsClientTrustCertPath = getCertsPath("ca.pem");
    tlsClientKeyPassword = "1234";
    tlsServerKeyPassword = "";

    NettyClientConfig clientConfig = new NettyClientConfig();
    clientConfig.setUseTLS(true);

    if ("serverRejectsUntrustedClientCert".equals(name.getMethodName())) {
        // Create a client. Its credentials come from a CA that the server does not trust. The client
        // trusts both test CAs to ensure the handshake failure is due to the server rejecting the client's cert.
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
    } else if ("serverAcceptsUntrustedClientCert".equals(name.getMethodName())) {
        tlsClientKeyPath = getCertsPath("badClient.key");
        tlsClientCertPath = getCertsPath("badClient.pem");
        tlsServerAuthClient = false;
    }
    else if ("noClientAuthFailure".equals(name.getMethodName())) {
        //Clear the client cert config to ensure produce the handshake error
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("clientRejectsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
    } else if ("clientAcceptsUntrustedServerCert".equals(name.getMethodName())) {
        tlsServerKeyPath = getCertsPath("badServer.key");
        tlsServerCertPath = getCertsPath("badServer.pem");
        tlsClientAuthServer = false;
    } else if ("serverNotNeedClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "none";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverWantClientAuth".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
    } else if ("serverWantClientAuth_ButClientNoCert".equals(name.getMethodName())) {
        tlsServerNeedClientAuth = "optional";
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
    } else if ("serverAcceptsUnAuthClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.PERMISSIVE;
        tlsClientKeyPath = "";
        tlsClientCertPath = "";
        clientConfig.setUseTLS(false);
    } else if ("serverRejectsSSLClient".equals(name.getMethodName())) {
        tlsMode = TlsMode.DISABLED;
    } else if ("reloadSslContextForServer".equals(name.getMethodName())) {
        tlsClientAuthServer = false;
        tlsServerNeedClientAuth = "none";
    }

    remotingServer = RemotingServerTest.createRemotingServer();
    remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
}