< prev index next >
test/jdk/javax/net/ssl/Stapling/SSLSocketWithStapling.java
Print this page
*** 240,252 ****
new SimpleOCSPServer.CertStatusInfo(
SimpleOCSPServer.CertStatus.CERT_STATUS_REVOKED,
fiveMinsAgo));
intOcsp.updateStatusDb(revInfo);
! System.out.println("=======================================");
! System.out.println("Stapling enabled, default configuration");
! System.out.println("=======================================");
cliParams.pkixParams = new PKIXBuilderParameters(trustStore,
new X509CertSelector());
cliParams.pkixParams.setRevocationEnabled(true);
Security.setProperty("ocsp.enable", "false");
--- 240,252 ----
new SimpleOCSPServer.CertStatusInfo(
SimpleOCSPServer.CertStatus.CERT_STATUS_REVOKED,
fiveMinsAgo));
intOcsp.updateStatusDb(revInfo);
! System.out.println("============================================");
! System.out.println("Stapling enabled, detect revoked certificate");
! System.out.println("============================================");
cliParams.pkixParams = new PKIXBuilderParameters(trustStore,
new X509CertSelector());
cliParams.pkixParams.setRevocationEnabled(true);
Security.setProperty("ocsp.enable", "false");
*** 379,389 ****
// Make OCSP responders accept connections
intOcsp.acceptConnections();
rootOcsp.acceptConnections();
// Wait 5 seconds for server ready
! for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
--- 379,390 ----
// Make OCSP responders accept connections
intOcsp.acceptConnections();
rootOcsp.acceptConnections();
// Wait 5 seconds for server ready
! for (int i = 0; (i < 100 && (!intOcsp.isServerReady() ||
! !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
*** 409,419 ****
intOcsp.setDelay(3000);
rootOcsp.setDelay(3000);
Thread.sleep(1000);
// Wait 5 seconds for server ready
! for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
--- 410,421 ----
intOcsp.setDelay(3000);
rootOcsp.setDelay(3000);
Thread.sleep(1000);
// Wait 5 seconds for server ready
! for (int i = 0; (i < 100 && (!intOcsp.isServerReady() ||
! !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
*** 499,509 ****
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(serverKeystore, passwd.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(trustStore);
! SSLContext sslc = SSLContext.getInstance("TLS");
sslc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SSLServerSocketFactory sslssf = sslc.getServerSocketFactory();
try (SSLServerSocket sslServerSocket =
--- 501,511 ----
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(serverKeystore, passwd.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(trustStore);
! SSLContext sslc = SSLContext.getInstance("TLSv1.2");
sslc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SSLServerSocketFactory sslssf = sslc.getServerSocketFactory();
try (SSLServerSocket sslServerSocket =
*** 565,575 ****
tmf.init(trustParams);
} else {
tmf.init(trustStore);
}
! SSLContext sslc = SSLContext.getInstance("TLS");
sslc.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslsf = sslc.getSocketFactory();
try (SSLSocket sslSocket = (SSLSocket)sslsf.createSocket("localhost",
serverPort);
--- 567,577 ----
tmf.init(trustParams);
} else {
tmf.init(trustStore);
}
! SSLContext sslc = SSLContext.getInstance("TLSv1.2");
sslc.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslsf = sslc.getSocketFactory();
try (SSLSocket sslSocket = (SSLSocket)sslsf.createSocket("localhost",
serverPort);
< prev index next >