Last active
October 15, 2022 01:25
Java SSL HttpsServer with HttpHandler to send response to client (uses com.sun.net.httpserver.HttpsServer)
import com.sun.net.httpserver.*;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpsServer;
import java.io.*;
import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManagerFactory;
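/**
 * Minimal HTTPS server built on the JDK's {@code com.sun.net.httpserver.HttpsServer}.
 *
 * <p>It loads a PKCS12 keystore from {@code /ssl/keystore.jks}, binds to port 443 and answers
 * every request under {@code /} with a fixed text body.
 *
 * <p>Security notes for anyone adapting this sample:
 * <ul>
 *   <li>The keystore password falls back to the literal {@code "password"} used by the
 *       keystore-generation commands quoted in {@link #main}. Supply a real secret through the
 *       {@code KEYSTORE_PASSWORD} environment variable (or a secret store) and keep it out of
 *       source control.</li>
 *   <li>TLS is configured from the context's <em>default</em> parameters, not its
 *       <em>supported</em> ones, so only the protocols and cipher suites the JDK enables by
 *       default are offered.</li>
 *   <li>The handler sends {@code Access-Control-Allow-Origin: *}. That is acceptable for a
 *       public, static response; narrow it before serving anything user-specific.</li>
 * </ul>
 */
public class MyHttpsServer {

    /** Environment variable that, when set, supplies the keystore password. */
    private static final String KEYSTORE_PASSWORD_ENV = "KEYSTORE_PASSWORD";

    /** Replies to every request with a fixed plain-text body and a wildcard CORS header. */
    public static class MyHandler implements HttpHandler {
        /**
         * Writes the fixed response with status 200.
         *
         * @param t the exchange to answer
         * @throws IOException if sending the headers or the body fails
         */
        @Override
        public void handle(HttpExchange t) throws IOException {
            // Encode once with an explicit charset so the declared Content-Length always matches
            // the bytes written, regardless of the platform default encoding.
            byte[] body = "This is the response".getBytes(StandardCharsets.UTF_8);
            // Wildcard CORS: any origin may read this response. Fine for public static content only.
            t.getResponseHeaders().add("Access-Control-Allow-Origin", "*");
            t.sendResponseHeaders(200, body.length);
            try (OutputStream os = t.getResponseBody()) {
                os.write(body);
            }
        }
    }

    /**
     * Returns the keystore password: the value of {@code KEYSTORE_PASSWORD} when that environment
     * variable is set, otherwise the demo value the sample keystore was created with.
     */
    private static char[] keystorePassword() {
        String fromEnv = System.getenv(KEYSTORE_PASSWORD_ENV);
        // SECURITY: the fallback is a well-known demo secret; never ship a keystore protected by it.
        return (fromEnv != null ? fromEnv : "password").toCharArray();
    }

    /**
     * Starts the HTTPS server on port 443 (a privileged port on most systems).
     *
     * <p>Setup failures (I/O, keystore, key or algorithm problems) are reported on standard output
     * and the method returns without starting the server.
     *
     * @param args unused
     * @throws Exception for failures not covered by the handled setup exceptions
     */
    public static void main(String[] args) throws Exception {
        char[] password = keystorePassword();
        try {
            // setup the socket address
            InetSocketAddress address = new InetSocketAddress(443);

            // initialise the HTTPS server
            HttpsServer httpsServer = HttpsServer.create(address, 0);
            SSLContext sslContext = SSLContext.getInstance("TLS");

            // The keystore is generated using the following three files:
            // - private_key.key
            // - site.crt
            // - site.ca-bundle
            // ...and using the following set of commands (and password as "password"):
            // openssl pkcs12 -export -out keystore.pkcs12 -inkey private_key.key -certfile site.ca-bundle -in site.crt
            // keytool -v -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks -deststoretype pkcs12
            // Note: despite the .jks name, the file is written as PKCS12, which is why it is
            // loaded with KeyStore.getInstance("PKCS12") below.

            // initialise the keystore; try-with-resources closes the file even if load() fails
            KeyStore ks = KeyStore.getInstance("PKCS12");
            try (FileInputStream fis = new FileInputStream("/ssl/keystore.jks")) {
                ks.load(fis, password);
            }

            // setup the key manager factory
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            kmf.init(ks, password);

            // setup the trust manager factory
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
            tmf.init(ks);

            // setup the HTTPS context and parameters
            sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
            httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext) {
                @Override
                public void configure(HttpsParameters params) {
                    try {
                        SSLContext c = getSSLContext();
                        // Use the context's DEFAULT parameters. getSupportedSSLParameters()
                        // lists every protocol and cipher suite the provider implements,
                        // including ones that are deliberately not enabled by default, and the
                        // SSLParameters object set here is what each connection is configured
                        // from.
                        SSLParameters sslParameters = c.getDefaultSSLParameters();
                        // Server-only TLS: clients are not asked for a certificate.
                        sslParameters.setNeedClientAuth(false);
                        params.setSSLParameters(sslParameters);
                    } catch (Exception ex) {
                        // Best effort: report and let the connection use the context defaults.
                        System.out.println("Failed to create HTTPS port");
                        System.out.println(ex.getMessage());
                    }
                }
            });
            httpsServer.createContext("/", new MyHandler());
            httpsServer.setExecutor(null); // creates a default executor
            httpsServer.start();
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException ex) {
            System.out.println("Failed to create HTTPS server on port 443");
            System.out.println(ex.getMessage());
        } finally {
            // Do not leave the password sitting in memory longer than needed.
            Arrays.fill(password, '\0');
        }
    }
}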