Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import io.r2.simplepemkeystore.ExpiringCacheKeyManagerParameters;
- import io.r2.simplepemkeystore.MultiFileConcatSource;
- import io.r2.simplepemkeystore.ReloadablePemKeyStoreConfig;
- import javax.net.ssl.*;
- import java.io.InputStream;
- import java.io.OutputStream;
- import java.net.Socket;
- import java.security.KeyStore;
- import java.security.SecureRandom;
- public class SimplePemReload {
- public static void main(String[] argv) throws Exception {
- // init provider
- io.r2.simplepemkeystore.SimplePemKeyStoreProvider.register();
- // set up keystore
- KeyStore ks = KeyStore.getInstance("simplepemreload");
- ks.load(
- new ReloadablePemKeyStoreConfig()
- .addCertificate("server", new String[]{"certificate.pem", "key.pem"})
- .withRefreshInterval(60)
- .asInputStream(),
- new char[0]
- );
- // set up key manager factory
- KeyManagerFactory kmf = KeyManagerFactory.getInstance("simplepemreload");
- kmf.init( ExpiringCacheKeyManagerParameters.forKeyStore(ks).withRevalidation(60) );
- KeyManager[] km = kmf.getKeyManagers();
- // set up ssl context
- SSLContext context = SSLContext.getInstance("TLSv1.2");
- context.init(km, new TrustManager[0], new SecureRandom());
- // open socket
- SSLServerSocketFactory factory = context.getServerSocketFactory();
- SSLServerSocket ssocket = (SSLServerSocket) factory.createServerSocket(4444);
- ssocket.setEnabledProtocols(new String[] { "TLSv1.2" });
- ssocket.setNeedClientAuth(false);
- // accept and hello
- Socket socket = ssocket.accept();
- InputStream in = socket.getInputStream();
- OutputStream out = socket.getOutputStream();
- out.write("***hello***\n".getBytes());
- in.close();
- out.close();
- }
- }
Add Comment
Please, Sign In to add comment