summaryrefslogtreecommitdiffstats
path: root/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy
diff options
context:
space:
mode:
Diffstat (limited to 'infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy')
-rw-r--r--infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy15
1 files changed, 7 insertions, 8 deletions
diff --git a/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy b/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy
index 6ce5a1555..388aa2bbe 100644
--- a/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy
+++ b/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy
@@ -11,9 +11,6 @@ import org.eclipse.jetty.util.ssl.SslContextFactory
class HttpsConnectorProvider extends ProviderTrait<ServerConnector> {
- public static final String KEYSTORE_PASSWORD = "OBF:1v9s1unr1unn1vv51zlk1t331vg91x1b1vgl1t331zly1vu51uob1uo71v8u"
- public static final String KEYSTORE_NAME = "/honeycomb-keystore"
-
@Inject
HoneycombConfiguration cfg
@Inject
@@ -32,12 +29,14 @@ class HttpsConnectorProvider extends ProviderTrait<ServerConnector> {
// openssl pkcs12 -inkey honeycomb.key -in honeycomb.crt -export -out honeycomb.pkcs12
// keytool -importkeystore -srckeystore honeycomb.pkcs12 -srcstoretype PKCS12 -destkeystore honeycomb-keystore
def sslContextFactory = new SslContextFactory()
- def keystoreURL = getClass().getResource(KEYSTORE_NAME)
+ def keystoreURL = getClass().getResource(cfg.restconfKeystore.get())
sslContextFactory.setKeyStorePath(keystoreURL.path)
- sslContextFactory.setKeyStorePassword(KEYSTORE_PASSWORD)
- sslContextFactory.setKeyManagerPassword(KEYSTORE_PASSWORD)
- sslContextFactory.setTrustStorePath(keystoreURL.path)
- sslContextFactory.setTrustStorePassword(KEYSTORE_PASSWORD)
+ sslContextFactory.setKeyStorePassword(cfg.keystorePassword.get())
+ sslContextFactory.setKeyManagerPassword((cfg.keystoreManagerPassword.get()))
+ def truststoreURL = getClass().getResource(cfg.restconfTruststore.get())
+ sslContextFactory.setTrustStorePath(truststoreURL.path)
+ sslContextFactory.setTrustStorePassword((cfg.truststorePassword.get()))
+ // TODO make this more configurable
sslContextFactory.setExcludeCipherSuites(
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",