Skip to content

Commit a9bfedd

Browse files
marci4marci4
authored
Merge pull request TooTallNate#493 from marci4/master
Clear implementations for frames and SSLWebsocketServerFactory
2 parents 4682304 + 0712319 commit a9bfedd

36 files changed

+2133
-1212
lines changed

src/main/example/SSLServerCustomWebsocketFactoryExample.java

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,67 @@
1+
import org.java_websocket.WebSocketImpl;
2+
import org.java_websocket.server.CustomSSLWebSocketServerFactory;
3+
4+
import javax.net.ssl.KeyManagerFactory;
5+
import javax.net.ssl.SSLContext;
6+
import javax.net.ssl.SSLEngine;
7+
import javax.net.ssl.TrustManagerFactory;
8+
import java.io.File;
9+
import java.io.FileInputStream;
10+
import java.security.KeyStore;
11+
import java.util.ArrayList;
12+
import java.util.Arrays;
13+
import java.util.List;
14+
15+
/**
16+
* Example for using the CustomSSLWebSocketServerFactory to allow just specific cipher suites
17+
*/
18+
public class SSLServerCustomWebsocketFactoryExample {
19+
20+
/*
21+
* Keystore with certificate created like so (in JKS format):
22+
*
23+
*keytool -genkey -validity 3650 -keystore "keystore.jks" -storepass "storepassword" -keypass "keypassword" -alias "default" -dname "CN=127.0.0.1, OU=MyOrgUnit, O=MyOrg, L=MyCity, S=MyRegion, C=MyCountry"
24+
*/
25+
public static void main(String[] args) throws Exception {
26+
WebSocketImpl.DEBUG = true;
27+
28+
ChatServer chatserver = new ChatServer(8887); // Firefox does allow multible ssl connection only via port 443 //tested on FF16
29+
30+
// load up the key store
31+
String STORETYPE = "JKS";
32+
String KEYSTORE = "keystore.jks";
33+
String STOREPASSWORD = "storepassword";
34+
String KEYPASSWORD = "keypassword";
35+
36+
KeyStore ks = KeyStore.getInstance(STORETYPE);
37+
File kf = new File(KEYSTORE);
38+
ks.load(new FileInputStream(kf), STOREPASSWORD.toCharArray());
39+
40+
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
41+
kmf.init(ks, KEYPASSWORD.toCharArray());
42+
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
43+
tmf.init(ks);
44+
45+
SSLContext sslContext = SSLContext.getInstance("TLS");
46+
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
47+
48+
//Lets remove some ciphers and protocols
49+
SSLEngine engine = sslContext.createSSLEngine();
50+
List<String> ciphers = new ArrayList<String>( Arrays.asList(engine.getEnabledCipherSuites()));
51+
ciphers.remove("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
52+
List<String> protocols = new ArrayList<String>( Arrays.asList(engine.getEnabledProtocols()));
53+
protocols.remove("SSLv3");
54+
CustomSSLWebSocketServerFactory factory = new CustomSSLWebSocketServerFactory(sslContext, protocols.toArray(new String[]{}), ciphers.toArray(new String[]{}));
55+
56+
// Different example just using specific ciphers and protocols
57+
/*
58+
String[] enabledProtocols = {"TLSv1.2"};
59+
String[] enabledCipherSuites = {"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"};
60+
CustomSSLWebSocketServerFactory factory = new CustomSSLWebSocketServerFactory(sslContext, enabledProtocols,enabledCipherSuites);
61+
*/
62+
chatserver.setWebSocketFactory(factory);
63+
64+
chatserver.start();
65+
66+
}
67+
}

0 commit comments

Comments
 (0)