
Improved SSL context init - trust manager can be build without custom cert file

pull/5158/head
Volodymyr Babak 5 years ago
parent
commit
5cb1aa12ea
  1. 14
      common/edge-api/src/main/java/org/thingsboard/edge/rpc/EdgeGrpcClient.java

14
common/edge-api/src/main/java/org/thingsboard/edge/rpc/EdgeGrpcClient.java

@ -15,16 +15,17 @@
*/
package org.thingsboard.edge.rpc;
import com.google.common.io.Resources;
import io.grpc.ManagedChannel;
import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NettyChannelBuilder;
import io.grpc.stub.StreamObserver;
import io.netty.handler.ssl.SslContextBuilder;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.thingsboard.edge.exception.EdgeConnectionException;
import org.thingsboard.server.common.data.ResourceUtils;
import org.thingsboard.server.common.data.StringUtils;
import org.thingsboard.server.gen.edge.v1.ConnectRequestMsg;
import org.thingsboard.server.gen.edge.v1.ConnectResponseCode;
import org.thingsboard.server.gen.edge.v1.ConnectResponseMsg;
@ -40,9 +41,6 @@ import org.thingsboard.server.gen.edge.v1.UplinkMsg;
import org.thingsboard.server.gen.edge.v1.UplinkResponseMsg;
import javax.net.ssl.SSLException;
import java.io.File;
import java.net.URISyntaxException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import java.util.function.Consumer;
@ -61,7 +59,7 @@ public class EdgeGrpcClient implements EdgeRpcClient {
private int keepAliveTimeSec;
@Value("${cloud.rpc.ssl.enabled}")
private boolean sslEnabled;
@Value("${cloud.rpc.ssl.cert}")
@Value("${cloud.rpc.ssl.cert:}")
private String certResource;
private ManagedChannel channel;
@ -81,7 +79,11 @@ public class EdgeGrpcClient implements EdgeRpcClient {
.keepAliveTime(keepAliveTimeSec, TimeUnit.SECONDS);
if (sslEnabled) {
try {
builder.sslContext(GrpcSslContexts.forClient().trustManager(ResourceUtils.getInputStream(this, certResource)).build());
SslContextBuilder sslContextBuilder = GrpcSslContexts.forClient();
if (StringUtils.isNotEmpty(certResource)) {
sslContextBuilder.trustManager(ResourceUtils.getInputStream(this, certResource));
}
builder.sslContext(sslContextBuilder.build());
} catch (SSLException e) {
log.error("Failed to initialize channel!", e);
throw new RuntimeException(e);
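Review bot: With `cloud.rpc.ssl.cert` now defaulting to empty, the `if (StringUtils.isNotEmpty(certResource))` branch is skipped without any signal and the context is built with the default trust store. A deployment that meant to restrict trust to one CA file but lost or mistyped the property would then accept any certificate chaining to a default-trusted CA, and nothing in the log would show it. Make the chosen trust source visible, for example `} else { log.info("cloud.rpc.ssl.cert is not set, using the default trust store"); }`, and add a comment on `certResource` saying that an empty value means default trust. Separately, the stream from `ResourceUtils.getInputStream(this, certResource)` is never closed in the visible lines; if that helper opens a file or classpath stream, close it once `build()` has returned. The enclosing method starts and ends outside the hunk.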
