Yup the SniKeyManager.java was a great example, the only "gotcha" is that if you extend X509ExtendedKeyManager and modify the keystore at run-time you actually need to request data from the keystore not the keymanager as suns default implementation caches on instantiation (and never updates it's cache).
Thanks again! On Thu, Jun 22, 2017 at 9:28 AM Kevin <[email protected]> wrote: > Wow this looks a great place to start, thanks! > > On Thursday, June 22, 2017 at 5:08:44 AM UTC-4, Arnout Engelen wrote: >> >> Hi Kevin, >> >> The technique used in the SSL handshake to select the right certificate >> to match the hostname the client was connecting to is called Server Name >> Indication (SNI). >> >> I've never done it myself, but it seems you could add custom logic to >> this by writing your own KeyManager. >> https://github.com/grahamedgecombe/netty-sni-example/blob/master/src/main/java/SniKeyManager.java >> could provide some inspiration. >> >> >> Kind regards, >> >> Arnout >> >> On Wed, Jun 21, 2017 at 10:17 PM, Kevin <[email protected]> wrote: >> >>> So I'm trying to make something that does the equivalent of Apaches >>> virtual hosting (eg you can select the ssl certificate based on the >>> incoming uri) but using some logic. >>> >>> Is there any way to do this in akka.http? >>> >>> Getting a single static ssl cert setup is easy per: >>> http://doc.akka.io/docs/akka-http/current/scala/http/server-side-https-support.html#using-https-scala. >>> Even just just having two different certs (eg one for foo.com and one >>> for bar.com, but still separate certs) would probably be a good place >>> for me to start. >>> >>> Thanks. >>> >>> -- >>> >>>>>>>>>> Read the docs: http://akka.io/docs/ >>> >>>>>>>>>> Check the FAQ: >>> http://doc.akka.io/docs/akka/current/additional/faq.html >>> >>>>>>>>>> Search the archives: >>> https://groups.google.com/group/akka-user >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "Akka User List" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at https://groups.google.com/group/akka-user. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Arnout Engelen >> *Senior Software Engineer* >> E: [email protected] >> T: https://twitter.com/raboofje >> >> >> -- > >>>>>>>>>> Read the docs: http://akka.io/docs/ > >>>>>>>>>> Check the FAQ: > http://doc.akka.io/docs/akka/current/additional/faq.html > >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user > --- > You received this message because you are subscribed to a topic in the > Google Groups "Akka User List" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/akka-user/o53sTmUeFpc/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/akka-user. > For more options, visit https://groups.google.com/d/optout. > -- >>>>>>>>>> Read the docs: http://akka.io/docs/ >>>>>>>>>> Check the FAQ: >>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user --- You received this message because you are subscribed to the Google Groups "Akka User List" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/akka-user. For more options, visit https://groups.google.com/d/optout.
