NetServerOptions options = new NetServerOptions();
if (!startTLS) {
options.setSsl(true);
}
if (serverTrust) {
options.setTrustStoreOptions(new JKSOptions().setPath(findFileOnClasspath("tls/server-truststore.jks")).setPassword("wibble"));
}
if (serverCert) {
options.setKeyStoreOptions(new JKSOptions().setPath(findFileOnClasspath("tls/server-keystore.jks")).setPassword("wibble"));
}
if (requireClientAuth) {
options.setClientAuthRequired(true);
}
for (String suite: enabledCipherSuites) {
options.addEnabledCipherSuite(suite);
}
options.setPort(4043);
server = vertx.createNetServer(options);
Handler<NetSocket> serverHandler = socket -> {
AtomicBoolean upgradedServer = new AtomicBoolean();
socket.handler(buff -> {
socket.write(buff); // echo the data
if (startTLS && !upgradedServer.get()) {
assertFalse(socket.isSsl());
socket.upgradeToSsl(v -> assertTrue(socket.isSsl()));
upgradedServer.set(true);
} else {
assertTrue(socket.isSsl());
}
});
};
server.connectHandler(serverHandler).listen(ar -> {
client.close();
NetClientOptions clientOptions = new NetClientOptions();
if (!startTLS) {
clientOptions.setSsl(true);
if (clientTrustAll) {
clientOptions.setTrustAll(true);
}
if (clientTrust) {
clientOptions.setTrustStoreOptions(new JKSOptions().setPath(findFileOnClasspath("tls/client-truststore.jks")).setPassword("wibble"));
}
if (clientCert) {
clientOptions.setKeyStoreOptions(new JKSOptions().setPath(findFileOnClasspath("tls/client-keystore.jks")).setPassword("wibble"));
}
for (String suite: enabledCipherSuites) {
clientOptions.addEnabledCipherSuite(suite);
}
}