iplatform_group/walker-dependencies.git

			@@ -6,7 +6,15 @@
			import io.netty.handler.codec.http.HttpServerCodec;
			import io.netty.handler.logging.LogLevel;
			import io.netty.handler.logging.LoggingHandler;
			import io.netty.handler.ssl.SslHandler;
			import io.netty.handler.stream.ChunkedWriteHandler;

			import javax.net.ssl.KeyManagerFactory;
			import javax.net.ssl.SSLContext;
			import javax.net.ssl.SSLEngine;
			import java.io.FileInputStream;
			import java.io.InputStream;
			import java.security.KeyStore;

			public class WebSocketServerInitializer extends DefaultServerInitializer {

			@@ -38,4 +46,40 @@
			pipeline.addLast("handler", this.getHandler());
			}

			/**
			* 创建支持wss可靠连接的通信。暂时不使用。
			* <pre>
			* 1) 不过目前情况看，一般是在 nginx 端代理设置即可，一般不必在程序中支持
			* 2) 确实需要在程序中支持，需要配置证书，这在集群环境下很难维护。
			* </pre>
			* @param pipeline
			* @param password
			* @throws Exception
			* @date 2024-01-31
			*/
			private void createSSLHandler(ChannelPipeline pipeline, String password) throws Exception{
			KeyStore ks = KeyStore.getInstance("JKS");
			InputStream ksInputStream = new FileInputStream("/Users/liukun/ca/demo.liukun.com.keystore.jks");
			ks.load(ksInputStream, password.toCharArray());
			KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
			kmf.init(ks, password.toCharArray());
			SSLContext sslContext = SSLContext.getInstance("TLS");
			sslContext.init(kmf.getKeyManagers(), null, null);
			SSLEngine sslEngine = sslContext.createSSLEngine();
			sslEngine.setUseClientMode(false);
			sslEngine.setNeedClientAuth(false);
			// 需把SslHandler添加在第一位
			pipeline.addFirst("ssl", new SslHandler(sslEngine));
			}

			/**
			* 是否允许使用：wss可靠通道
			* @param enableSSL
			* @date 2024-01-31
			*/
			public void setEnableSSL(boolean enableSSL) {
			this.enableSSL = enableSSL;
			}

			private boolean enableSSL = false;
			}