RE: Enable only selected cipher suites

2012-07-06 Thread Enoch
Andreas,
I am trying to run the code you provided. I am unable to find the class
org.restlet.ext.ssl.DefaultSslContextFactory in the jar file
org.restlet.ext.ssl.jar; I am only able to find
org.restlet.ext.ssl.PkixSslContextFactory and JsslutilsSslContextFactory.

I am also having issues with enabling specific cipher suites using the Restlet
Client; any pointers on this will also help.

Thanks,
Enoch


--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2977136


Enable only selected cipher suites

2012-06-20 Thread Enoch
I'm using Restlet with embedded Jetty. I have a requirement of being able to
enable only selected cipher suites.

I primarily use embedded Jetty; anyway, I have also tried Simple HTTP Server, but
both do not appear to work. I am unable to find any examples in this regard.
Even the Restlet in Action book did not have any info in this regard. Any help
will be greatly appreciated.

Server code for embedded Simple HTTP Server (similar code for Jetty was tried)


org.restlet.Server serverObj = new org.restlet.Server(Protocol.HTTPS);

HttpServerHelper serverHelper = new HttpServerHelper(serverObj);
Engine.getInstance().getRegisteredServers().add(0, serverHelper);

org.restlet.Component component = new Component();
org.restlet.Server server = component.getServers().add(Protocol.HTTPS, 8080);
component.getDefaultHost().attach(vtnURLResource, new VTNApplication());

org.restlet.ext.simple.HttpsServerHelper httpsServerHelper = new HttpsServerHelper(server);
Context workingCtx = serverHelper.getContext();

workingCtx.getParameters().add("disabledCipherSuites",
    "SSL_RSA_WITH_RC4_128_MD5 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA ..");
workingCtx.getParameters().add("enabledCipherSuites", "SSL_RSA_WITH_RC4_128_SHA");
workingCtx.getParameters().add("sslContextFactory",
    "org.restlet.engine.security.DefaultSslContextFactory");

workingCtx.getParameters().add("keystorePath",
    "C:\\openadrkeystore\\bouncykeys\\VTN_QLI.bks");
workingCtx.getParameters().add("keystorePassword", "password");
workingCtx.getParameters().add("keystoreType", "BKS");
workingCtx.getParameters().add("keyPassword", "password");

workingCtx.getParameters().add("truststorePath",
    "C:\\Program Files\\Java\\jre6\\lib\\security\\cacerts");
workingCtx.getParameters().add("truststorePassword", "changeit");

workingCtx.getParameters().add("needClientAuthentication", "true");

component.start();



Client Code
---   
Client client = new Client(ctx, Protocol.HTTPS);
client.setConnectTimeout(5);

Context workingCtx = client.getContext();

System.setProperty("javax.net.ssl.trustStore",
    "C:\\Program Files\\Java\\jre6\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
workingCtx.getParameters().add("keystorePath",
    "C:\\openadrkeystore\\bouncykeys\\VEN_QLI.bks");
workingCtx.getParameters().add("keystorePassword", "password");
workingCtx.getParameters().add("keystoreType", "BKS");
workingCtx.getParameters().add("keyPassword", "password");
workingCtx.getParameters().add("disabledCipherSuites",
    "SSL_RSA_WITH_RC4_128_MD5 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA .");
workingCtx.getParameters().add("enabledCipherSuites", "SSL_RSA_WITH_RC4_128_SHA");

workingCtx.getParameters().add("needClientAuthentication", "true");


ClientResource resource = new ClientResource(propFilePreader.get(serverURL));
resource.setNext(client);
..
..
resource.post(data);

--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2972321
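
Added example (not part of the original posts and not Restlet's own code): a plain JSSE check of which cipher suites an engine will actually offer once an allow-list and a deny-list like the ones in the question are applied. The class and helper names are hypothetical, the way the two lists are combined is an assumption rather than Restlet's documented behaviour, and names the JVM does not support are dropped because `setEnabledCipherSuites` rejects them.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

public class CipherSuiteAllowList {

    // Hypothetical helper: split a space-separated suite list as written in the post.
    static Set<String> parse(String list) {
        Set<String> out = new LinkedHashSet<>();
        for (String s : list.trim().split("\\s+")) {
            if (!s.isEmpty()) out.add(s);
        }
        return out;
    }

    // Effective set = (allowed AND supported by this JVM) minus denied, order preserved.
    static String[] effective(Set<String> allowed, Set<String> denied, String[] supported) {
        Set<String> sup = new LinkedHashSet<>(Arrays.asList(supported));
        List<String> out = new ArrayList<>();
        for (String s : allowed) {
            if (sup.contains(s) && !denied.contains(s)) out.add(s);
        }
        if (out.isEmpty()) {
            // Fail closed: never fall back silently to the JVM default suites.
            throw new IllegalStateException("no requested cipher suite is usable on this JVM");
        }
        return out.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input using suite names that appear in the post.
        Set<String> allowed = parse("SSL_RSA_WITH_RC4_128_SHA TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
        Set<String> denied = parse("SSL_RSA_WITH_RC4_128_MD5");

        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(false);
        engine.setNeedClientAuth(true); // mirrors needClientAuthentication=true in the post
        engine.setEnabledCipherSuites(effective(allowed, denied, engine.getSupportedCipherSuites()));

        // What the engine will actually offer; compare this with the intended list.
        System.out.println(Arrays.toString(engine.getEnabledCipherSuites()));
    }
}
```

Comparing the printed list with the intended one shows whether a configured suite was dropped by the JVM before any handshake takes place.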