mTLS终止在基于Java的Vertx Framework中

huangapple go评论91阅读模式
英文:

mTLS termination in Java based Vertx Framework

问题

我有一个基于Java的Vertx框架的项目,其中涉及到一些内部API调用。
因此,流程是我在端口XXXX上公开了一个API(已配置了TLS - HTTPS),在这个API调用内部,我正在调用另一个位于HTTP的负载均衡器。
所以,在调用Http负载均衡器之前,我需要终止mTLS。

以下是VertX POST调用的示例片段:

private void handleDownstreamRequest(RoutingContext routingContext, String downstreamUrl) {
        VertxUtil.assertOnVertxEventLoop();
        client.postAbs(downstreamUrl) // POST请求
            .sendJson(
                routingContext.getBody(),
                ar -> {
                    asyncHttpResponseHandler(ar, routingContext);
                });
    }

我想知道如何在Vertx框架中终止TLS。Vertx是否提供了任何内置库来终止mTLS,或者任何示例代码片段也将有所帮助。

英文:

I have a project based on Java based Vertx Framework, where I have few internal API calls.
So the flow is I have an API exposed at port XXXX (which has TLS configured - HTTPS), and inside this API call, I am calling another load balancer which is in HTTP. So, I need to terminate the mTLS before calling the Http load balancer.

Below is the sample snippet for VertX POST call:

private void handleDownstreamRequest(RoutingContext routingContext, String downstreamUrl) {
        VertxUtil.assertOnVertxEventLoop();
        client.postAbs(downstreamUrl) // POST request
            .sendJson(
                routingContext.getBody(),
                ar -> {
                    asyncHttpResponseHandler(ar, routingContext);
                });
    }

I wanted to know how to terminate the TLS in Vertx Framework. Is there any inbuilt library exposed by Vertx to terminate mTLS or any sample code snippet will also help.

答案1

得分: 1

配置HTTP服务器以使用证书颁发机构,以便验证客户端的身份:

HttpServerOptions options = new HttpServerOptions()
  .setSsl(true)
  .setClientAuth(ClientAuth.REQUIRED)
  .setTrustStoreOptions(
    new JksOptions()
      .setPath("/path/to/your/truststore.jks")
      .setPassword("password-of-your-truststore")
  );
HttpServer server = vertx.createHttpServer(options);

上面的示例假设您有一个Java信任存储库,但Vert.x也支持PFX/PEM格式。

英文:

Configure the HTTP server for
You can configure the HTTP server to use a certificate authority in order to verify the identity of the clients:

HttpServerOptions options = new HttpServerOptions()
  .setSsl(true)
  .setClientAuth(ClientAuth.REQUIRED)
  .setTrustStoreOptions(
    new JksOptions()
      .setPath("/path/to/your/truststore.jks")
      .setPassword("password-of-your-truststore")
  );
HttpServer server = vertx.createHttpServer(options);

The example above assumes you have a Java trust store but Vert.x support PFX/PEM formats too.

huangapple
  • 本文由 发表于 2020年10月15日 00:16:06
  • 转载请务必保留本文链接:https://go.coder-hub.com/64357482.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定