|
15 | 15 | import com.retailsvc.http.internal.Router; |
16 | 16 | import com.retailsvc.http.internal.SecurityFilter; |
17 | 17 | import com.retailsvc.http.internal.TextTypeMapper; |
| 18 | +import com.retailsvc.http.internal.TlsHttpsConfigurator; |
18 | 19 | import com.retailsvc.http.internal.gson.GsonJsonMapper; |
19 | 20 | import com.retailsvc.http.spec.Operation; |
20 | 21 | import com.retailsvc.http.spec.Spec; |
|
23 | 24 | import com.retailsvc.http.validate.DefaultValidator; |
24 | 25 | import com.sun.net.httpserver.HttpContext; |
25 | 26 | import com.sun.net.httpserver.HttpServer; |
26 | | -import com.sun.net.httpserver.HttpsConfigurator; |
27 | | -import com.sun.net.httpserver.HttpsParameters; |
28 | 27 | import com.sun.net.httpserver.HttpsServer; |
29 | 28 | import java.io.IOException; |
30 | 29 | import java.net.InetAddress; |
|
41 | 40 | import java.util.TreeSet; |
42 | 41 | import java.util.stream.Collectors; |
43 | 42 | import javax.net.ssl.SSLContext; |
44 | | -import javax.net.ssl.SSLParameters; |
45 | 43 | import org.slf4j.Logger; |
46 | 44 | import org.slf4j.LoggerFactory; |
47 | 45 |
|
@@ -477,23 +475,4 @@ private static TypeMapper tryLoadGsonMapper() { |
477 | 475 | return new GsonJsonMapper(); |
478 | 476 | } |
479 | 477 | } |
480 | | - |
481 | | - /** |
482 | | - * Pins HTTPS to TLS 1.2 and 1.3 only, regardless of operator-level {@code java.security} |
483 | | - * overrides, and explicitly leaves client-cert auth off (no mTLS in v1). |
484 | | - */ |
485 | | - private static final class TlsHttpsConfigurator extends HttpsConfigurator { |
486 | | - TlsHttpsConfigurator(SSLContext context) { |
487 | | - super(context); |
488 | | - } |
489 | | - |
490 | | - @Override |
491 | | - public void configure(HttpsParameters params) { |
492 | | - SSLParameters sslParams = getSSLContext().getDefaultSSLParameters(); |
493 | | - sslParams.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"}); |
494 | | - sslParams.setNeedClientAuth(false); |
495 | | - sslParams.setWantClientAuth(false); |
496 | | - params.setSSLParameters(sslParams); |
497 | | - } |
498 | | - } |
499 | 478 | } |
0 commit comments