diff --git a/src/main/java/cz/trask/adfs/AdfsAuthMsServer.java b/src/main/java/cz/trask/adfs/AdfsAuthMsServer.java
index d6b7357..da850c6 100644
--- a/src/main/java/cz/trask/adfs/AdfsAuthMsServer.java
+++ b/src/main/java/cz/trask/adfs/AdfsAuthMsServer.java
@@ -38,6 +38,9 @@ public class AdfsAuthMsServer {
 AdfsTokenService tokenService = new AdfsTokenService(config.getAdfs(), objectMapper);
 this.server = createServer(config);
+
+ applySslTrustProperties(config);
+
 List contexts = config.getServer().getContexts().getContext();
 for (ContextConfig contextConfig : contexts) {
 logger.debug("Creating context: {} -> {}", contextConfig.getPath(), contextConfig.getClassName());
@@ -64,6 +67,16 @@ public class AdfsAuthMsServer {
 logger.info("ADFS auth microservice started on {}", server.getAddress());
 }
+ private void applySslTrustProperties(AppConfig config) {
+ if (config.getTrustStore() != null && !config.getTrustStore().isBlank()) {
+ logger.info("Setting javax.net.ssl.trustStore to {}", config.getTrustStore());
+ System.setProperty("javax.net.ssl.trustStore", config.getTrustStore());
+ if (config.getTrustStorePassword() != null) {
+ System.setProperty("javax.net.ssl.trustStorePassword", config.getTrustStorePassword());
+ }
+ }
+ }
+
 private HttpServer createServer(AppConfig config) throws Exception {
 String type = config.getServer().getType();
 int port = config.getServer().getPort();
diff --git a/src/main/java/cz/trask/adfs/config/AppConfig.java b/src/main/java/cz/trask/adfs/config/AppConfig.java
index 54d2fa9..7378101 100644
--- a/src/main/java/cz/trask/adfs/config/AppConfig.java
+++ b/src/main/java/cz/trask/adfs/config/AppConfig.java
@@ -8,6 +8,8 @@ public class AppConfig {
 private ServerConfig server = new ServerConfig();
 private AdfsConfig adfs = new AdfsConfig();
 private String backendUrl;
+ private String trustStore;
+ private String trustStorePassword;
 public ServerConfig getServer() {
 return server;
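Review bot: The call to `applySslTrustProperties(config)` in the first hunk is placed after `new AdfsTokenService(...)` and `createServer(config)`, which may be too late. JSSE reads `javax.net.ssl.trustStore` once, when the JVM's default SSLContext is first initialised, and later changes to the property are not picked up. The bodies of both calls are outside the hunk, so whether either of them touches TLS is not visible here; making `applySslTrustProperties(config);` the first statement of this method removes the dependency on that. The enclosing method starts and ends outside the hunk.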
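Review bot: `applySslTrustProperties` in the second hunk changes trust for the whole JVM rather than only for the ADFS and backend connections, and it does not verify the configured file before installing it. A mistyped or missing path would therefore most likely show up later as a TLS handshake failure on some outbound call instead of a clear startup error. A guard before the first `System.setProperty` call would fail fast, e.g. `if (!Files.isReadable(Path.of(config.getTrustStore()))) throw new IllegalStateException("trustStore not readable: " + config.getTrustStore());`. The method also deserves a Javadoc stating that it sets process-wide `javax.net.ssl.*` properties and must run before any TLS use. Longer term, building a dedicated `SSLContext` from the truststore for the outbound client would scope the trust decision to the connections that need it.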
@@ -33,6 +35,22 @@ public class AppConfig {
 this.backendUrl = backendUrl;
 }
+ public String getTrustStore() {
+ return trustStore;
+ }
+
+ public void setTrustStore(String trustStore) {
+ this.trustStore = trustStore;
+ }
+
+ public String getTrustStorePassword() {
+ return trustStorePassword;
+ }
+
+ public void setTrustStorePassword(String trustStorePassword) {
+ this.trustStorePassword = trustStorePassword;
+ }
+
 public static class ServerConfig {
 private String type = "http";
 private int port = 8080;
diff --git a/src/main/resources/config.yaml b/src/main/resources/config.yaml
index 7172f54..e306adf 100644
--- a/src/main/resources/config.yaml
+++ b/src/main/resources/config.yaml
@@ -23,3 +23,5 @@ adfs:
 proxyPassword: ""
 backendUrl: "https://calc.kamma.cz/add?x=543&y=123"
+trustStore: "/home/kamma/java/jdk-11.0.29+7/lib/security/cacerts"
+trustStorePassword: "changeit"
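Review bot: The two keys added to `config.yaml` put a workstation-specific absolute path (`/home/kamma/...`) and a truststore password into the default configuration that ships under `src/main/resources`. On any other host that path will not exist, and because the server applies `trustStore` whenever it is non-blank, the packaged default would point the JVM at a missing truststore and break outbound TLS. The path is also the JDK's own `cacerts`, which the JVM already uses when the property is unset, so the bundled default can be `trustStore: ""` and `trustStorePassword: ""`. Real values, and any non-default password, are better supplied by deployment-specific configuration kept out of version control.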