
Async-http-client to a server that is 1) requires client to present client certificate 2) server is HTTP2 3) server is TLSv1.3 #1800

@patpatpat123


Hello Team,

First of all, a big thanks for this http client, great project there!
I am enjoying using this http client, used it to send requests to some servers, and it is easy to use, efficient.

Now, I need to send to another server, and this other server is a bit problematic.
1 - this server requires all the clients to present the client certificates. The server will do some kind of OU CN extraction and validation.

2 - this server is HTTP2 only, does not accept HTTP1 etc

3 - this server is TLSv1.3 only, cannot go with 1.2 etc.

Therefore, I am having a bit of trouble now with this "other server".

I managed to tackle 1) I believe, as this async http client supports a security context:

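    import java.io.*;
    import java.nio.file.*;
    import java.security.*;
    import java.security.cert.CertificateException;
    import javax.net.ssl.*;
    import io.netty.handler.ssl.*;
    import org.asynchttpclient.*;

    // Builds the Netty SslContext that carries the client certificate (mutual TLS).
    // keyStorePath, keyStoreType, trustStorePath and the pass phrases are fields of the enclosing class.
    private SslContext getSslContext() {
        try {
            // Key store: the client certificate and private key presented to the server.
            final Path     keystorePath = Paths.get(keyStorePath);
            final KeyStore keyStore     = KeyStore.getInstance(keyStoreType);
            try (InputStream keyStoreFile = Files.newInputStream(keystorePath)) {
                keyStore.load(keyStoreFile, keyStorePassPhrase.toCharArray());
            }
            final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, keyPassPhrase.toCharArray());

            // Trust store: the CAs accepted when validating the server certificate.
            final Path     truststorePath = Paths.get(trustStorePath);
            final KeyStore trustStore     = KeyStore.getInstance(keyStoreType);
            try (InputStream trustStoreFile = Files.newInputStream(truststorePath)) {
                trustStore.load(trustStoreFile, trustStorePassPhrase.toCharArray());
            }
            final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);

            // Use the trust store loaded above; InsecureTrustManagerFactory.INSTANCE would accept any server certificate.
            return SslContextBuilder.forClient().keyManager(keyManagerFactory).trustManager(trustManagerFactory).build();
        } catch (KeyStoreException | IOException | UnrecoverableKeyException | NoSuchAlgorithmException | CertificateException e) {
            // Fail loudly: returning null would let the client run without the client certificate.
            throw new IllegalStateException("Cannot build client SslContext", e);
        }
    }

    AsyncHttpClientConfig asyncHttpClientConfig = Dsl.config().setSslContext(getSslContext()).build();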
        

Unfortunately, the above code will get a protocol version exception.
May I ask, how to set as HTTP2 please?
How to set as TLSv1.3 please?

I would have expected this client to allow something like this.

 AsyncHttpClientConfig asyncHttpClientConfig = Dsl.config().setSslContext(getSslContext()).setHTTPprotocole("H2").setTLSversion("TLSv1.3").build();
or
 AsyncHttpClientConfig asyncHttpClientConfig = Dsl.config(someHttp2AndTLSv1.3Config()).setSslContext(getSslContext()).build();

But I looked at the docs many times, and could not find anything similar.

What would be the proper way please?

Thank you
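
The three requirements in the post, expressed on Netty's `SslContextBuilder` (the builder the posted code already calls), as an added example that is not part of the original post or the async-http-client project. The class name `MutualTlsContext` and its parameters are hypothetical; ALPN only offers `h2` during the handshake, and whether the HTTP layer on top then speaks HTTP/2 is outside this block.

```java
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ApplicationProtocolConfig.Protocol;
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectedListenerFailureBehavior;
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
import io.netty.handler.ssl.ApplicationProtocolNames;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class (not part of async-http-client or Netty).
public final class MutualTlsContext {
    /** Client context: presents a certificate, validates the server, allows only TLSv1.3. */
    public static SslContext build(Path keyStore, char[] keyStorePass, char[] keyPass,
                                   Path trustStore, char[] trustStorePass, String storeType,
                                   boolean advertiseH2) throws GeneralSecurityException, IOException {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(keyStore, keyStorePass, storeType), keyPass);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustStore, trustStorePass, storeType));

        SslContextBuilder builder = SslContextBuilder.forClient()
                .keyManager(kmf)          // client certificate the server inspects (CN/OU)
                .trustManager(tmf)        // real chain validation of the server certificate
                .protocols("TLSv1.3");    // no fallback to TLSv1.2 or older
        if (advertiseH2) {
            // ALPN offers "h2" in the ClientHello; the HTTP layer must then speak HTTP/2.
            builder.applicationProtocolConfig(new ApplicationProtocolConfig(
                    Protocol.ALPN, SelectorFailureBehavior.NO_ADVERTISE,
                    SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2));
        }
        return builder.build();
    }

    private static KeyStore load(Path path, char[] password, String type)
            throws GeneralSecurityException, IOException {
        KeyStore store = KeyStore.getInstance(type);
        try (InputStream in = Files.newInputStream(path)) {
            store.load(in, password);
        }
        return store;
    }
}
```

The returned context can be handed to `Dsl.config().setSslContext(...)` in the same way as in the post.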
