I'm using Restlet with embedded Jetty. I have a requirement to be able to 
enable only selected cipher suites.

I primarily use embedded Jetty; I have also tried Simple HTTP Server, but 
neither appears to work. I am unable to find any examples in this regard. 
Even the Restlet in Action book did not have any info in this regard. 
Any help will be greatly appreciated.

Server Code for embedded Simple HTTP Server (similar code for Jetty was tried)
------------------------------------------------------------------------------

    org.restlet.Server serverObj = new org.restlet.Server(Protocol.HTTPS);

    HttpServerHelper serverHelper = new HttpServerHelper(serverObj);
    Engine.getInstance().getRegisteredServers().add(0, serverHelper);

    org.restlet.Component component = new Component();
    org.restlet.Server server = component.getServers().add(Protocol.HTTPS, 8080);
    component.getDefaultHost().attach(vtnURLResource, new VTNApplication());

    org.restlet.ext.simple.HttpsServerHelper httpsServerHelper =
            new HttpsServerHelper(server);
    Context workingCtx = serverHelper.getContext();

    workingCtx.getParameters().add("disabledCipherSuites",
            "SSL_RSA_WITH_RC4_128_MD5 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "
            + "TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA ......");
    workingCtx.getParameters().add("enabledCipherSuites",
            "SSL_RSA_WITH_RC4_128_SHA");
    workingCtx.getParameters().add("sslContextFactory",
            "org.restlet.engine.security.DefaultSslContextFactory");

    workingCtx.getParameters().add("keystorePath",
            "C:\\openadrkeystore\\bouncykeys\\VTN_QLI.bks");
    workingCtx.getParameters().add("keystorePassword", "password");
    workingCtx.getParameters().add("keystoreType", "BKS");
    workingCtx.getParameters().add("keyPassword", "password");

    workingCtx.getParameters().add("truststorePath",
            "C:\\Program Files\\Java\\jre6\\lib\\security\\cacerts");
    workingCtx.getParameters().add("truststorePassword", "changeit");

    workingCtx.getParameters().add("needClientAuthentication", "true");

    component.start();
                
                
                
Client Code
-----------

    Client client = new Client(ctx, Protocol.HTTPS);
    client.setConnectTimeout(50000);

    Context workingCtx = client.getContext();

    System.setProperty("javax.net.ssl.trustStore",
            "C:\\Program Files\\Java\\jre6\\lib\\security\\cacerts");
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    workingCtx.getParameters().add("keystorePath",
            "C:\\openadrkeystore\\bouncykeys\\VEN_QLI.bks");
    workingCtx.getParameters().add("keystorePassword", "password");
    workingCtx.getParameters().add("keystoreType", "BKS");
    workingCtx.getParameters().add("keyPassword", "password");
    workingCtx.getParameters().add("disabledCipherSuites",
            "SSL_RSA_WITH_RC4_128_MD5 "
            + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA .....");
    workingCtx.getParameters().add("enabledCipherSuites",
            "SSL_RSA_WITH_RC4_128_SHA");
    workingCtx.getParameters().add("needClientAuthentication", "true");

    ClientResource resource = new ClientResource(propFilePreader.get("serverURL"));
    resource.setNext(client);
    ..................
    ..................
    resource.post(data);

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2972321
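
Added example, not part of the original post and not Restlet code: a plain JSSE check of what an allow-list and deny-list of cipher suites, written in the same space-separated form as the parameters above, actually leaves enabled on an SSLEngine. The class and method names are hypothetical, the suite lists are constructed samples, and the JRE's default SSLContext is assumed.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

public class CipherSuiteAllowList {  // hypothetical name

    /** Splits a space-separated suite list into an ordered set. */
    static Set<String> parse(String spaceSeparated) {
        Set<String> out = new LinkedHashSet<>();
        for (String s : spaceSeparated.trim().split("\\s+")) {
            if (!s.isEmpty()) out.add(s);
        }
        return out;
    }

    /** Suites that can really be enabled: allowed, supported by the provider, not denied. */
    static String[] effective(SSLEngine engine, Set<String> allowed, Set<String> denied) {
        Set<String> supported =
                new LinkedHashSet<>(Arrays.asList(engine.getSupportedCipherSuites()));
        List<String> result = new ArrayList<>();
        for (String suite : allowed) {
            if (!supported.contains(suite)) {
                // setEnabledCipherSuites() rejects unsupported names, so report and skip them
                System.err.println("not supported by this JRE, ignored: " + suite);
            } else if (!denied.contains(suite)) {
                result.add(suite);
            }
        }
        if (result.isEmpty()) {
            throw new IllegalStateException("no usable cipher suite left");
        }
        return result.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample lists; TLS_EXAMPLE_UNKNOWN is a deliberately bogus name.
        Set<String> allowed = parse("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "
                + "TLS_AES_128_GCM_SHA256 TLS_EXAMPLE_UNKNOWN");
        Set<String> denied = parse("SSL_RSA_WITH_RC4_128_MD5");

        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(false);   // server side
        engine.setNeedClientAuth(true);   // mutual TLS, as in the post
        engine.setEnabledCipherSuites(effective(engine, allowed, denied));
        // Read the list back: this is what the handshake will offer.
        System.out.println("enabled: " + Arrays.toString(engine.getEnabledCipherSuites()));
    }
}
```

Reading the list back with getEnabledCipherSuites() is the check that shows whether a configured restriction reached the TLS layer at all.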
