diff options
author | Daniel McCarney <daniel@binaryparadox.net> | 2013-11-18 21:48:27 -0500 |
---|---|---|
committer | Hans-Christoph Steiner <hans@eds.org> | 2015-05-08 16:25:52 -0400 |
commit | a0b8acc4118d1a1b6112c6be8ed341211ca45867 (patch) | |
tree | 3d7bd8692cc90f93d0f9ccd616e6b0f80cd928dd /core | |
parent | b7154d5cec46283c3fdd690e17f743f42b64cd0b (diff) | |
download | nanohttpd-a0b8acc4118d1a1b6112c6be8ed341211ca45867.tar.gz |
makeSSLSocketFactory method that accepts preloaded KeyStore/KeyManagerFactory
The existing makeSSLSocketFactory() method only supports loading a KeyStore
from a classpath relative file using a provided passphrase. An additional
makeSSLSocketFactory added in this commit allows the caller to provided a
preloaded KeyStore/KeyManagerFactory. This can be used by callers that have a
KeyStore/KeyManagerFactory loaded in memory, or from an arbitrary InputStream
not on the classpath.
Diffstat (limited to 'core')
-rw-r--r-- | core/src/main/java/fi/iki/elonen/NanoHTTPD.java | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/core/src/main/java/fi/iki/elonen/NanoHTTPD.java b/core/src/main/java/fi/iki/elonen/NanoHTTPD.java index 37e465d..1b46dab 100644 --- a/core/src/main/java/fi/iki/elonen/NanoHTTPD.java +++ b/core/src/main/java/fi/iki/elonen/NanoHTTPD.java @@ -210,6 +210,26 @@ public abstract class NanoHTTPD { } return res; } + + /** + * Creates an SSLSocketFactory for HTTPS. + * + * Pass a loaded KeyStore and a loaded KeyManagerFactory. + * These objects must properly loaded/initialized by the caller. + */ + public static SSLServerSocketFactory makeSSLSocketFactory(KeyStore loadedKeyStore, KeyManagerFactory loadedKeyFactory) throws IOException { + SSLServerSocketFactory res = null; + try { + TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); + trustManagerFactory.init(loadedKeyStore); + SSLContext ctx = SSLContext.getInstance("TLS"); + ctx.init(loadedKeyFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); + res = ctx.getServerSocketFactory(); + } catch (Exception e) { + throw new IOException(e); + } + return res; + } /** * Call before start() to serve over HTTPS instead of HTTP |