Prosoft Git

keycloak-uncached

[KEYCLOAK-8145] - Configure keystore when running KeycloakServer

8/24/2018 5:55:41 PM
Pedro Igor

Pedro Igor

Commit: 3ccffdb

Tree: 36d9d2b

Parents: 56c9740

Changes

testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java 36(+35 -1)

Details

testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java 36(+35 -1) 

diff --git a/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java b/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java
index 9ab36b0..ea54e0e 100755
--- a/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java
+++ b/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java
@@ -40,6 +40,7 @@ import org.keycloak.services.resources.KeycloakApplication;
 import org.keycloak.testsuite.util.cli.TestsuiteCLI;
 import org.keycloak.util.JsonSerialization;
 
+import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.servlet.DispatcherType;
 import java.io.File;
@@ -47,6 +48,8 @@ import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.KeyStore;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.HashMap;
@@ -376,7 +379,7 @@ public class KeycloakServer {
                 .setIoThreads(config.getWorkerThreads() / 8);
 
         if (config.getPortHttps() != -1) {
-            builder = builder.addHttpsListener(config.getPortHttps(), config.getHost(), SSLContext.getDefault());
+            builder = builder.addHttpsListener(config.getPortHttps(), config.getHost(), createSSLContext());
         }
 
         server = new UndertowJaxrsServer();
@@ -471,4 +474,35 @@ public class KeycloakServer {
         }
     }
 
+    private SSLContext createSSLContext() throws Exception {
+        String keyStorePath = System.getProperty("keycloak.tls.keystore.path");
+
+        if (keyStorePath == null) {
+            return SSLContext.getDefault();
+        }
+
+        InputStream stream = Files.newInputStream(Paths.get(keyStorePath));
+
+        if (stream == null) {
+            throw new RuntimeException("Could not load keystore");
+        }
+
+        try (InputStream is = stream) {
+            KeyStore keyStore = KeyStore.getInstance("JKS");
+
+            char[] keyStorePassword = System.getProperty("keycloak.tls.keystore.password", "password").toCharArray();
+
+            keyStore.load(is, keyStorePassword);
+
+            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+
+            keyManagerFactory.init(keyStore, keyStorePassword);
+
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+
+            sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
+
+            return sslContext;
+        }
+    }
 }

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github