1 /* Copyright (C)2013 Pantheon Technologies, s.r.o. All rights reserved. */
2 package org.openflow.lib;
4 import java.security.KeyStore;
5 import java.security.Security;
7 import javax.net.ssl.KeyManagerFactory;
8 import javax.net.ssl.SSLContext;
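/**
 * Builds and holds the two process-wide {@link SSLContext} instances used for TLS
 * connections: one for the server side and one for the client side.
 *
 * <p>Both contexts are created once, in the static initializer, and are then handed
 * out unchanged by {@link #getServerContext()} and {@link #getClientContext()}.
 *
 * @author michal.polkorab
 */
public final class SslContextFactory {

    // "TLS" - supports some version of TLS; the versions actually offered are whatever
    // the JSSE provider enables by default.
    // A specific version can be requested with "TLSv1", "TLSv1.1" or "TLSv1.2"; note that
    // TLSv1 and TLSv1.1 are deprecated (RFC 8996). To enforce a minimum version, restrict
    // the enabled protocols on the SSLEngine/SSLSocket created from these contexts.
    private static final String PROTOCOL = "TLS";
    private static final SSLContext SERVER_CONTEXT;
    private static final SSLContext CLIENT_CONTEXT;

    static {
        // Honour the JVM-wide security property, falling back to the Sun X.509 implementation.
        String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (algorithm == null) {
            algorithm = "SunX509";
        }

        SSLContext serverContext;
        SSLContext clientContext;
        try {
            KeyStore ks = KeyStore.getInstance("JKS");
            // Close the keystore stream once it has been read; the original left it open.
            java.io.InputStream keyStoreStream = SslKeyStore.asInputStream();
            try {
                // KeyStore.load(null, ...) initialises an EMPTY keystore instead of failing,
                // which would leave the server context without a private key.
                // NOTE(review): consider failing fast if asInputStream() can return null.
                ks.load(keyStoreStream, SslKeyStore.getKeyStorePassword());
            } finally {
                if (keyStoreStream != null) {
                    keyStoreStream.close();
                }
            }

            // NOTE(review): confirm the keystore and key passwords supplied by SslKeyStore
            // come from configuration and are not constants compiled into the code.
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
            kmf.init(ks, SslKeyStore.getCertificatePassword());

            // Null trust managers and null SecureRandom: the provider defaults are used.
            serverContext = SSLContext.getInstance(PROTOCOL);
            serverContext.init(kmf.getKeyManagers(), null, null);
        } catch (Exception e) {
            // NOTE(review): the throw statement is not visible in the extracted listing;
            // Error is assumed here - confirm against the repository copy.
            throw new Error(
                    "Failed to initialize the server-side SSLContext", e);
        }

        try {
            // Peer verification on the client side rests entirely on the managers returned
            // by SslTrustManagerFactory.
            // NOTE(review): verify that they perform real certificate-chain validation.
            clientContext = SSLContext.getInstance(PROTOCOL);
            clientContext.init(null, SslTrustManagerFactory.getTrustManagers(), null);
        } catch (Exception e) {
            // NOTE(review): exception type assumed, see the server-side handler above.
            throw new Error(
                    "Failed to initialize the client-side SSLContext", e);
        }

        SERVER_CONTEXT = serverContext;
        CLIENT_CONTEXT = clientContext;
    }

    /**
     * Returns the shared server-side TLS context.
     *
     * @return the server context, initialised with the key managers built from the keystore
     */
    public static SSLContext getServerContext() {
        return SERVER_CONTEXT;
    }

    /**
     * Returns the shared client-side TLS context.
     *
     * @return the client context, initialised with the trust managers from
     *         {@code SslTrustManagerFactory}
     */
    public static SSLContext getClientContext() {
        return CLIENT_CONTEXT;
    }
}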