Comments (12)
Agree. Working on it.
from nettosphere.
Second this. We would like to help if needed.
from nettosphere.
Yes, I will work on this as soon as I'm back working in 2 weeks :-)
from nettosphere.
Hi,
Has there been any resolution to this issue? In particular SSL support in Nettosphere?
I have another question with regards to securing communications between an external client and a Nettosphere server behind a firewall. What if the SSL was provided by a load-balancer (LB) just past the firewall? Then the Nettosphere server sat behind the LB and the LB directed the request to Nettosphere in plain HTTP. Do you think this scenario would work?
Thanks,
-Jac
from nettosphere.
Working on it.
from nettosphere.
OK fixed, just set an SSLEngine on the Config object to enable it.
from nettosphere.
Hey, thanks for the fix, but you need to create a new SSLEngine for every pipeline. Otherwise, you'll run into a "bad record MAC" SSLException on the second request and netty will just quietly freeze.
from nettosphere.
Euh....my bad. I will fix it ASAP.
from nettosphere.
OK finally fixed. You can now just do:
final SSLContext sslContext = createSSLContext();
Config config = new Config.Builder()
.port(port)
.host("127.0.0.1")
.sslContext(sslContext)
.resource(new Handler() {
@Override
public void handle(AtmosphereResource r) {
r.getResponse().write("Hello World from Nettosphere").closeStreamOrWriter();
}
}).build();
You can also add an SSLContextListener to customize the SSLEngine:
/**
* A callback used to configure {@link javax.net.ssl.SSLEngine} before they get injected in Netty.
*/
public interface SSLContextListener {
SSLContextListener DEFAULT = new SSLContextListener(){
@Override
public void onPostCreate(SSLEngine e) {
e.setEnabledCipherSuites(new String[]{"SSL_DH_anon_WITH_RC4_128_MD5"});
e.setUseClientMode(false);
}
};
/**
* Invoked just after the {@link SSLEngine} has been created, but not yet injected in Netty.
* @param e SSLEngine;
*/
public void onPostCreate(SSLEngine e);
}
from nettosphere.
Hi
I'm trying to set up a WSS(Secured Web Socket) using Nettosphere, is there any tutorial or reference, working sample available? Please help if anyone have one..
I was unable to find one...
from nettosphere.
@rahulva : This worked for me:
- install strong encryption package (http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) - without modern browsers will fail during SSL handshake
- use in the Config.Builder the call sslContext(..) with org.jboss.netty.handler.ssl.SslContext param, the method with javax.net.ssl.SSLContext doesnt work (seems to be ignored inside Netty)
- the org.jboss.netty.handler.ssl.SslContext you can create like this:
File cert = new File("path/to/cert.pem");
File key = new File("path/to/key.pem.pcks8");
SslContext sslNettyContext = SslContext.newServerContext(SslProvider.JDK, cert, key, "thePassword");
Config config = new Config.Builder()
.port(port)
.host("127.0.0.1")
.sslContext(sslNettyContext)
.resource(new Handler() {
@Override
public void handle(AtmosphereResource r) {
r.getResponse().write("Secure Hello World").closeStreamOrWriter();
}
}).build();
server = new Nettosphere.Builder().config(config).build();
server.start();
- note that the key needs to be PKCS8 format - I converted from "normal" via:
openssl pkcs8 -topk8 -inform PEM -outform PEM -in key.pem -out key.pem.pcks8
- then browser show the normal "untrusted cert" warning and after accepting you see "Secure Hello World"
from nettosphere.
I've been struggling with implementing Nettosphere with keystore file (JKS). Any example of code snippet please? Thanks
from nettosphere.
Related Issues (20)
- request.body().asBytes() always returns null HOT 2
- Empty response for NOT_MODIFIED (304) return for static files
- Error in Ping without Playload HOT 1
- Disable chunked response for HTTP/1.0
- Upload file problem (Entity Too Large) HOT 2
- NettyWebSocket.isOpen() fails with NullPointerException. HOT 2
- Possible NPE when config.webSocketOnly() is used
- Content-Length not set in Http response HOT 2
- Cannot stop Nettosphere HOT 5
- Nettosphere does not fully shutdown in unit tests
- Nettosphere does not fully shutdown in unit tests HOT 1
- Nettosphere does not handle ContinuationWebSocketFrame(s) properly.
- travis CI fails with dist: not set to trusty
- Unexpected and unhandled exception while closing the WebSocket connection
- atmosphere2.2.1, a POST request (header include 'Expect:100-continue') got exception: java.lang.UnsupportedOperationException HOT 1
- SSL WebSocket exception - Received fatal alert: certificate_unknown HOT 49
- SSL Example HOT 1
- Server:Nettosphere/3.2.7 HOT 2
- onReady() not invoked when using supportChunking(false) HOT 1
- Upgrade path from javax to Jakarta HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nettosphere.