Enable SSL for Tomcat 10 (#144)
The SSL configuration used for Tomcat 9 no longer works with Tomcat 10.
The existing implementation used deprecated property names.
Additionally, the SSLHostConfig configuration object is no
longer created automatically if missing.
Compare:
http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_Connector_-_NIO_and_NIO2_(deprecated)
to:
http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support_-_SSLHostConfig
f4lco committed May 6, 2020
1 parent 15b75ee commit c524830
Showing 1 changed file with 12 additions and 7 deletions.
Expand Up @@ -23,6 +23,7 @@ import org.apache.catalina.startup.Catalina
import org.apache.catalina.startup.Tomcat
import org.apache.catalina.startup.Tomcat.DefaultWebXmlListener
import org.apache.catalina.startup.Tomcat.FixContextListener
import org.apache.tomcat.util.net.SSLHostConfig
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import org.xml.sax.InputSource
Expand Down Expand Up @@ -136,8 +137,12 @@ class TomcatServerConfigurer {
if(httpsConn.port == PortUtils.RANDOM_FREE_PORT)
httpsConn.port = 0

def sslConfig = new SSLHostConfig()
httpsConn.addSslHostConfig(sslConfig)
def cert = sslConfig.getCertificates(true).first()

if(params.sslKeyManagerPassword)
httpsConn.setProperty('keyPass', params.sslKeyManagerPassword)
cert.certificateKeyPassword = params.sslKeyManagerPassword
if(params.sslKeyStorePath) {
if(params.sslKeyStorePath.startsWith('classpath:')) {
String resString = params.sslKeyStorePath - 'classpath:'
Expand All @@ -153,13 +158,13 @@ class TomcatServerConfigurer {
outs << stm
}
}
httpsConn.setProperty('keystoreFile', keystoreFile.absolutePath)
cert.certificateKeystoreFile = keystoreFile.absolutePath
}
else
httpsConn.setProperty('keystoreFile', params.sslKeyStorePath)
cert.certificateKeystoreFile = params.sslKeyStorePath
}
if(params.sslKeyStorePassword)
httpsConn.setProperty('keystorePass', params.sslKeyStorePassword)
cert.certificateKeystorePassword = params.sslKeyStorePassword
if(params.sslTrustStorePath) {
if(params.sslTrustStorePath.startsWith('classpath:')) {
String resString = params.sslTrustStorePath - 'classpath:'
Expand All @@ -175,13 +180,13 @@ class TomcatServerConfigurer {
outs << stm
}
}
httpsConn.setProperty('truststoreFile', truststoreFile.absolutePath)
sslConfig.truststoreFile = truststoreFile.absolutePath
}
else
httpsConn.setProperty('truststoreFile', params.sslTrustStorePath)
sslConfig.truststoreFile = params.sslTrustStorePath
}
if(params.sslTrustStorePassword)
httpsConn.setProperty('truststorePass', params.sslTrustStorePassword)
sslConfig.truststorePassword = params.sslTrustStorePassword

if(params.httpsIdleTimeout)
httpsConn.setProperty('keepAliveTimeout', params.httpsIdleTimeout)
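Review bot: The truststore assignments near the end of the change (`sslConfig.truststoreFile`, `sslConfig.truststorePassword`) only influence the handshake when client-certificate verification is enabled on the same `SSLHostConfig`, and nothing in the visible lines sets it; Tomcat's default for `certificateVerification` is `none`, so a configured truststore would be silently unused. The method continues past the shown hunks, so this may be handled elsewhere, but if client auth is still passed through `httpsConn.setProperty(...)` with an old connector-level name it has the same problem this commit fixes and should become `sslConfig.certificateVerification = ...`. Separately, `httpsConn.addSslHostConfig(sslConfig)` runs before any keystore or truststore field is populated; moving that call below the last `sslConfig`/`cert` assignment would keep the connector from ever holding a half-configured host config. A short comment above `def cert = ...` would also help, e.g. `// Tomcat 10 no longer creates the default SSLHostConfig/certificate implicitly, so create them here`.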