jetty websocket certificate validation [message #1781108] |
Thu, 01 February 2018 13:38 |
venky m Messages: 2 Registered: February 2018 |
Junior Member |
|
|
We have a Websocket application where server code is deployed in Tomcat and client is in Jetty.
The issue we have is when a certificate is expired on Server, client is still connecting to server and communicating without any issues, we want to validate the server certificate expiry and stop the client from connecting to it.Can you please find the below code snippets and dependencies and guide us to achieve this?
Currently we have the following code snippet to establish Connection in Client:
private Future<Session> establishWebSocketConnection(String destinationURI)
throws Exception, URISyntaxException, IOException, InterruptedException {
SslContextFactory sslContextFactory = createSSLContextFactory();
if (webSocketClient == null) {
webSocketClient = new WebSocketClient(sslContextFactory);
webSocketClient.setMaxIdleTimeout(99999999);
this.socket = new CustomMessageSocket();
webSocketClient.start();
}
String agentId = "1234";
URI URI = new URI(destinationURI + "/" + agentId);
ClientUpgradeRequest request = new ClientUpgradeRequest();
Future<Session> objSession = webSocketClient.connect(socket, URI, request);
webSocketClient.getConnectionManager().
return objSession;
}
private SslContextFactory createSSLContextFactory() throws Exception {
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath("/home/venkat/Downloads/downloadGIhXV063058/rna-keystore.p12");
// sslContextFactory.setCertAlias("rna-cert");
sslContextFactory.setKeyStorePassword("sample@123");
sslContextFactory.setTrustStorePath("/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts");
sslContextFactory.setTrustStorePassword("changeit");
// sslContextFactory.setWantClientAuth(true);
return sslContextFactory;
}
We are using following dependency in Websocket client to communicate with Server,
<dependency>
<groupId>org.eclipse.jetty.websocket</groupId>
<artifactId>websocket-client</artifactId>
<version>9.2.15.v20160210</version>
</dependency>
|
|
|
Powered by
FUDForum. Page generated in 0.07234 seconds