# IGNITE-1121 Use SSL to connect between agent and server.
Project: http://git-wip-us.apache.org/repos/asf/incubator-ignite/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ignite/commit/9ab35ffb Tree: http://git-wip-us.apache.org/repos/asf/incubator-ignite/tree/9ab35ffb Diff: http://git-wip-us.apache.org/repos/asf/incubator-ignite/diff/9ab35ffb Branch: refs/heads/ignite-1121 Commit: 9ab35ffb7c70d70e9aa924c26c291878fe81e88a Parents: 0920e8d Author: sevdokimov <sevdoki...@gridgain.com> Authored: Tue Jul 14 17:29:38 2015 +0300 Committer: sevdokimov <sevdoki...@gridgain.com> Committed: Tue Jul 14 17:29:38 2015 +0300 ---------------------------------------------------------------------- .../org/apache/ignite/agent/AgentLauncher.java | 16 +++++++++++----- .../web-control-center/nodejs/bridge/bridge.js | 12 +++++++++--- .../web-control-center/nodejs/config/default.json | 7 ++++++- modules/web-control-center/nodejs/keys/test.crt | 13 +++++++++++++ modules/web-control-center/nodejs/keys/test.key | 18 ++++++++++++++++++ 5 files changed, 57 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/9ab35ffb/modules/control-center-agent/src/main/java/org/apache/ignite/agent/AgentLauncher.java ---------------------------------------------------------------------- diff --git a/modules/control-center-agent/src/main/java/org/apache/ignite/agent/AgentLauncher.java b/modules/control-center-agent/src/main/java/org/apache/ignite/agent/AgentLauncher.java index 50e91d4..9f76b9d 100644 --- a/modules/control-center-agent/src/main/java/org/apache/ignite/agent/AgentLauncher.java +++ b/modules/control-center-agent/src/main/java/org/apache/ignite/agent/AgentLauncher.java @@ -18,6 +18,7 @@ package org.apache.ignite.agent; import org.apache.commons.cli.*; +import org.eclipse.jetty.util.ssl.*; import org.eclipse.jetty.websocket.client.*; import java.net.*; @@ -77,7 +78,7 @@ public class AgentLauncher { String uri = cmd.getOptionValue('u'); if (uri == null) - cfg.setUri("ws://localhost:3001"); + cfg.setUri("wss://localhost:3001"); // todo set something like wss://control-center.gridgain.com else cfg.setUri(uri); @@ -86,18 +87,23 @@ public class AgentLauncher { agent.start(); try { - WebSocketClient client = new WebSocketClient(); + SslContextFactory sslCtxFactory = new SslContextFactory(); - AgentSocket agentSocket = new AgentSocket(cfg, agent); + if (Boolean.TRUE.equals(Boolean.getBoolean("trust.all"))) + sslCtxFactory.setTrustAll(true); + + WebSocketClient client = new WebSocketClient(sslCtxFactory); + + AgentSocket agentSock = new AgentSocket(cfg, agent); client.start(); try { - client.connect(agentSocket, new URI(cfg.getUri())); + client.connect(agentSock, new URI(cfg.getUri())); System.out.printf("Connecting to : %s%n", cfg.getUri()); - agentSocket.waitForClose(); + agentSock.waitForClose(); } finally { client.stop(); http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/9ab35ffb/modules/web-control-center/nodejs/bridge/bridge.js ---------------------------------------------------------------------- diff --git a/modules/web-control-center/nodejs/bridge/bridge.js b/modules/web-control-center/nodejs/bridge/bridge.js index 99faff1..d850098 100644 --- a/modules/web-control-center/nodejs/bridge/bridge.js +++ b/modules/web-control-center/nodejs/bridge/bridge.js @@ -19,10 +19,12 @@ var WebSocketServer = require('ws').Server; var config = require('../helpers/configuration-loader.js'); -var http = require('http'); +var https = require('https'); var db = require('../db'); +var fs = require('fs'); + var srv; var clients = {}; @@ -84,9 +86,13 @@ function Client(ws) { } function Server() { - var server = http.createServer(); + var server = https.createServer({ + key: fs.readFileSync(config.get('monitor:server:key')), + cert: fs.readFileSync(config.get('monitor:server:cert')), + passphrase: config.get('monitor:server:keyPassphrase') + }); - server.listen(config.get('monitor:agentsServerPort')); + server.listen(config.get('monitor:server:port')); var wss = new WebSocketServer({ server: server }); http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/9ab35ffb/modules/web-control-center/nodejs/config/default.json ---------------------------------------------------------------------- diff --git a/modules/web-control-center/nodejs/config/default.json b/modules/web-control-center/nodejs/config/default.json index acdd6eb..28b2b64 100644 --- a/modules/web-control-center/nodejs/config/default.json +++ b/modules/web-control-center/nodejs/config/default.json @@ -6,6 +6,11 @@ "url": "mongodb://localhost/web-control-center" }, "monitor": { - "agentsServerPort": 3001 + "server": { + "port": 3001, + "key": "keys/test.key", + "cert": "keys/test.crt", + "keyPassphrase": "password" + } } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/9ab35ffb/modules/web-control-center/nodejs/keys/test.crt ---------------------------------------------------------------------- diff --git a/modules/web-control-center/nodejs/keys/test.crt b/modules/web-control-center/nodejs/keys/test.crt new file mode 100644 index 0000000..50c6d5c --- /dev/null +++ b/modules/web-control-center/nodejs/keys/test.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB6zCCAVQCCQDcAphbU6UcLjANBgkqhkiG9w0BAQsFADA6MRIwEAYDVQQDDAls +b2NhbGhvc3QxJDAiBgkqhkiG9w0BCQEWFXNldmRva2ltb3ZAYXBhY2hlLm9yZzAe +Fw0xNTA3MTQxMzAyNTNaFw0xODA2MjMxMzAyNTNaMDoxEjAQBgNVBAMMCWxvY2Fs +aG9zdDEkMCIGCSqGSIb3DQEJARYVc2V2ZG9raW1vdkBhcGFjaGUub3JnMIGfMA0G +CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP/zpJrdHqCj6lPpeFF6LQtzKef6UiyBBo +rbuOtCCgW8KMJJciluBWk2126qLt9smBN4jBpSNU3pq0r9gBMUTd/LSe7aY4D5ED +Pjp7XsypNVKeHaHbFi7KhfHy0LYxsWiNPmmHJv4dtYOp+pGK25rkXNfyJxxjgxN6 +wo34+MnZIQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFk9XEjcdyihws+fVmdGGUFo +bVxI9YGH6agiNbU3WNF4B4VRzcPPW8z2mEo7eF9kgYmq/YzH4T8tgi/qkL/u8eZV +Wmi9bg6RThLN6/hj3wVoOFKykbDQ05FFdhIJXN5UOjPmxYM97EKqg6J0W2HAb8SG ++UekPnmAo/2HTKsLykH8 +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/9ab35ffb/modules/web-control-center/nodejs/keys/test.key ---------------------------------------------------------------------- diff --git a/modules/web-control-center/nodejs/keys/test.key b/modules/web-control-center/nodejs/keys/test.key new file mode 100644 index 0000000..1b395c0 --- /dev/null +++ b/modules/web-control-center/nodejs/keys/test.key @@ -0,0 +1,18 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,6798185330CE2EE2 + +sOwkmD8rvjx11l09V26dJhLhl+SyPIhyeZ3TqHXrYCATKoXlzidT+uPu1jVYtrwr +nBLA6TrIDYRrBNlEsqGZ0cSvWTIczzVW1xZKHEJo5q2vUT/W8u/Q1QQtS3P3GeKF +dEzx496rpZqwwVw59GNbuIwyYoVvQf3iEXzfhplGmLPELYIplDFOLgNuXQyXSGx6 +rwKsCxXMLsDyrA6DCz0Odf08p2HvWk/s5Ne3DFcQlqRNtIrBVGD2O0/Fp8ZZ2I4E +Yn2OIIWJff3HanOjLOWKdN8YAn5UleNmlEUdIHeS5qaQ68mabOxLkSef9qglV+sd +FHTtUq0cG6t6nhxZBziexha6v1yl/xABAHHhNPOfak+HthWxRD4N9f1yFYAeTmkn +4kwBWoSUe12XRf2pGNqhEUKN/KhDmWk85wI55i/Cu2XmNoiBFlS9BXrRYU8uVCJw +KlxjKTDWl1opCyvxTDxJnMkt44ZT445LRePKVueGIIKSUIXNQypOE+C1I0CL0N2W +Ts3m9nthquvLeMx92k7b8yW69BER5uac3SIlGCOJObQXsHgyk8wYiyd/zLKfjctG +PXieaW81UKjp+GqWpvWPz3VqnKwoyUWeVOOTviurli6kYOrHuySTMqMb6hxJctw9 +grAQTT0UPiAKWcM7InLzZnRjco+v9QLLEokjVngXPba16K/CItFY16xuGlaFLW7Y +XTc67AkL8b76HBZelMjmCsqjvSoULhuMFwTOvUMm/mSM8rMoi9asrJRLQHRMWCST +/6RENPLzPlOMnNLBujpBbn8V3/aYzEZsHMI+6S3d27WYlTJIqpabSA== +-----END RSA PRIVATE KEY-----
