geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From u..@apache.org
Subject incubator-geode git commit: GEODE-420: Updated java.gradle to have the sourceCompatibility, targetCompatibility and encoding to be applied to all projects from the beginning. HttpService now works with multi-key keystores
Date Thu, 28 Jul 2016 21:51:08 GMT
Repository: incubator-geode
Updated Branches:
  refs/heads/feature/GEODE-420 115e5f25d -> 403bb2e75


GEODE-420: Updated java.gradle to have the sourceCompatibility, targetCompatibility and encoding
to be applied to all projects from the beginning.
HttpService now works with multi-key keystores


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/403bb2e7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/403bb2e7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/403bb2e7

Branch: refs/heads/feature/GEODE-420
Commit: 403bb2e751b3915816403effa233a7f2ccf0483e
Parents: 115e5f2
Author: Udo Kohlmeyer <ukohlmeyer@pivotal.io>
Authored: Thu Jul 28 14:50:57 2016 -0700
Committer: Udo Kohlmeyer <ukohlmeyer@pivotal.io>
Committed: Thu Jul 28 14:50:57 2016 -0700

----------------------------------------------------------------------
 .../controllers/RestAPIsWithSSLDUnitTest.java   | 198 +++++++++++++------
 .../gemfire/internal/GemFireVersion.java        |   1 -
 .../internal/net/SSLConfigurationFactory.java   |   5 +
 .../gemfire/internal/net/SocketCreator.java     |  82 ++++----
 .../gemfire/management/internal/AgentUtil.java  |   1 +
 .../management/internal/JettyHelper.java        |   4 +
 .../CacheServerSSLConnectionDUnitTest.java      |  10 +-
 .../net/SocketCreatorFactoryJUnitTest.java      |  28 ++-
 .../HTTPServiceSSLSupportJUnitTest.java         |   5 +-
 gradle/java.gradle                              |  25 ++-
 10 files changed, 242 insertions(+), 117 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
index f641c09..9b1072f 100644
--- a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
+++ b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
@@ -26,6 +26,7 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.net.BindException;
+import java.net.Socket;
 import java.security.KeyStore;
 import java.util.Date;
 import java.util.HashMap;
@@ -36,6 +37,8 @@ import javax.net.ssl.SSLContext;
 import org.apache.http.HttpEntity;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
+import org.apache.http.conn.ssl.PrivateKeyDetails;
+import org.apache.http.conn.ssl.PrivateKeyStrategy;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.conn.ssl.SSLContexts;
 import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
@@ -44,6 +47,7 @@ import org.apache.http.impl.client.HttpClients;
 import org.json.JSONObject;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
+import org.springframework.util.StringUtils;
 
 import com.gemstone.gemfire.cache.AttributesFactory;
 import com.gemstone.gemfire.cache.Cache;
@@ -81,16 +85,14 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
   private static final long serialVersionUID = -254776154266339226L;
 
   private final String PEOPLE_REGION_NAME = "People";
-
-  private File jks;
+  private final String INVALID_CLIENT_ALIAS = "INVALID_CLIENT_ALIAS";
 
   public RestAPIsWithSSLDUnitTest() {
     super();
-    this.jks = findTrustedJKS();
   }
 
   @Override
-  public final void preSetUp() throws Exception {
+  public final void preSetUp() {
     disconnectAllFromDS();
   }
 
@@ -100,11 +102,27 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     disconnectAllFromDS();
   }
 
-  private File findTrustedJKS() {
-    if (jks == null) {
-      jks = new File(TestUtil.getResourcePath(RestAPIsWithSSLDUnitTest.class, "/ssl/trusted.keystore"));
+  private File findTrustedJKSWithSingleEntry() {
+    return new File(TestUtil.getResourcePath(RestAPIsWithSSLDUnitTest.class, "/ssl/trusted.keystore"));
+  }
+
+  private File findTrustStoreJKSForPath(Properties props) {
+    String propertyValue = props.getProperty(CLUSTER_SSL_TRUSTSTORE);
+    if (StringUtils.isEmpty(propertyValue)) {
+      propertyValue = props.getProperty(HTTP_SERVICE_SSL_TRUSTSTORE);
+    }
+    if (StringUtils.isEmpty(propertyValue)) {
+      propertyValue = props.getProperty(HTTP_SERVICE_SSL_KEYSTORE);
+    }
+    return new File(propertyValue);
+  }
+
+  private File findKeyStoreJKS(Properties props) {
+    String propertyValue = props.getProperty(CLUSTER_SSL_KEYSTORE);
+    if (StringUtils.isEmpty(propertyValue)) {
+      propertyValue = props.getProperty(HTTP_SERVICE_SSL_KEYSTORE);
     }
-    return jks;
+    return new File(propertyValue);
   }
 
   @SuppressWarnings("deprecation")
@@ -208,7 +226,6 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
       final String hostName = server.getHost().getHostName();
       final int restServicePort = AvailablePortHelper.getRandomAvailableTCPPort();
       startBridgeServer(hostName, restServicePort, locators, new String[] { REGION_NAME },
sslProperties, clusterLevel);
-      //          String restEndpoint = "https://" + hostName + ":" + restServicePort + "/gemfire-api/v1";
       return "https://" + hostName + ":" + restServicePort + "/gemfire-api/v1";
     });
 
@@ -370,16 +387,33 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     regionFactory.create(PEOPLE_REGION_NAME);
   }
 
-  private CloseableHttpClient getSSLBasedHTTPClient(String algo) throws Exception {
-    File jks = findTrustedJKS();
+  private CloseableHttpClient getSSLBasedHTTPClient(Properties properties) throws Exception
{
 
     KeyStore clientKeys = KeyStore.getInstance("JKS");
-    clientKeys.load(new FileInputStream(jks.getCanonicalPath()), "password".toCharArray());
+    File keystoreJKSForPath = findKeyStoreJKS(properties);
+    clientKeys.load(new FileInputStream(keystoreJKSForPath), "password".toCharArray());
+
+    KeyStore clientTrust = KeyStore.getInstance("JKS");
+    File trustStoreJKSForPath = findTrustStoreJKSForPath(properties);
+    clientTrust.load(new FileInputStream(trustStoreJKSForPath), "password".toCharArray());
 
     // this is needed
     SSLContext sslcontext = SSLContexts.custom()
-                                       .loadTrustMaterial(clientKeys, new TrustSelfSignedStrategy())
-                                       .loadKeyMaterial(clientKeys, "password".toCharArray())
+                                       .loadTrustMaterial(clientTrust, new TrustSelfSignedStrategy())
+                                       .loadKeyMaterial(clientKeys, "password".toCharArray(),
new PrivateKeyStrategy() {
+                                         @Override
+                                         public String chooseAlias(final Map<String, PrivateKeyDetails>
aliases, final Socket socket) {
+                                           if(aliases.size() == 1)
+                                           {
+                                             return aliases.keySet().stream().findFirst().get();
+                                           }
+                                           if (!StringUtils.isEmpty(properties.getProperty(INVALID_CLIENT_ALIAS)))
{
+                                             return properties.getProperty(INVALID_CLIENT_ALIAS);
+                                           } else {
+                                             return properties.getProperty(HTTP_SERVICE_SSL_ALIAS);
+                                           }
+                                         }
+                                       })
                                        .build();
 
     // Host checking is disabled here , as tests might run on multiple hosts and
@@ -391,7 +425,11 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     return httpclient;
   }
 
-  private void validateConnection(String restEndpoint, String algo) {
+  //  private void validateConnection(String restEndpoint, String algo) {
+  //    validateConnection(restEndpoint, algo, new Properties());
+  //  }
+
+  private void validateConnection(String restEndpoint, String algo, Properties properties)
{
 
     try {
       // 1. Get on key="1" and validate result.
@@ -401,7 +439,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
         get.addHeader("Accept", "application/json");
 
 
-        CloseableHttpClient httpclient = getSSLBasedHTTPClient(algo);
+        CloseableHttpClient httpclient = getSSLBasedHTTPClient(properties);
         CloseableHttpResponse response = httpclient.execute(get);
 
         HttpEntity entity = response.getEntity();
@@ -434,94 +472,134 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
 
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+    props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
+    props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
+    String restEndpoint = startInfraWithSSL(props, false);
+    validateConnection(restEndpoint, "SSL", props);
+  }
+
+  @Test
+  public void testSimpleSSLWithMultiKey_KeyStore() throws Exception {
+
+    Properties props = new Properties();
+    props.setProperty(CLUSTER_SSL_ENABLED, "true");
+    props.setProperty(CLUSTER_SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKey.jks"));
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKeyTrust.jks"));
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
+    props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
+    props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
+    props.setProperty(HTTP_SERVICE_SSL_ALIAS, "httpservicekey");
+    String restEndpoint = startInfraWithSSL(props, false);
+    validateConnection(restEndpoint, "SSL", props);
+  }
+
+  @Test(expected = RuntimeException.class)
+  public void testSimpleSSLWithMultiKey_KeyStore_WithInvalidClientKey() throws Exception
{
+
+    Properties props = new Properties();
+    props.setProperty(CLUSTER_SSL_ENABLED, "true");
+    props.setProperty(CLUSTER_SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKey.jks"));
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKeyTrust.jks"));
+    props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
+    props.setProperty(HTTP_SERVICE_SSL_ALIAS, "httpservicekey");
+    props.setProperty(INVALID_CLIENT_ALIAS, "someAlias");
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
   public void testSSLWithoutKeyStoreType() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
   public void testSSLWithSSLProtocol() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
   public void testSSLWithTLSProtocol() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLS");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLS");
+    validateConnection(restEndpoint, "TLS", props);
   }
 
   @Test
   public void testSSLWithTLSv11Protocol() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.1");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.1");
+    validateConnection(restEndpoint, "TLSv1.1", props);
   }
 
   @Test
   public void testSSLWithTLSv12Protocol() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
   public void testWithMultipleProtocol() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL,TLSv1.2");
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
@@ -529,7 +607,8 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     System.setProperty("javax.net.debug", "ssl");
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
@@ -543,14 +622,15 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     props.setProperty(CLUSTER_SSL_CIPHERS, cipherSuites[0]);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
   public void testSSLWithMultipleCipherSuite() throws Exception {
     Properties props = new Properties();
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
@@ -564,21 +644,21 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     props.setProperty(CLUSTER_SSL_CIPHERS, cipherSuites[0] + "," + cipherSuites[1]);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
   public void testMutualAuthentication() throws Exception {
     Properties props = new Properties();
 
-    props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
 
     props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, "password");
 
     props.setProperty(CLUSTER_SSL_ENABLED, "true");
-    props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
-    props.setProperty(CLUSTER_SSL_TRUSTSTORE, jks.getCanonicalPath());
+    props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
     props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
     props.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL");
@@ -586,7 +666,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
@@ -594,82 +674,82 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
 
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_TYPE, "JKS");
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
   public void testSSLWithoutKeyStoreTypeLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
   public void testSSLWithSSLProtocolLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "SSL");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
   @Test
   public void testSSLWithTLSProtocolLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLS");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLS");
+    validateConnection(restEndpoint, "TLS", props);
   }
 
   @Test
   public void testSSLWithTLSv11ProtocolLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.1");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.1");
+    validateConnection(restEndpoint, "TLSv1.1", props);
   }
 
   @Test
   public void testSSLWithTLSv12ProtocolLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.2");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
   public void testWithMultipleProtocolLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "SSL,TLSv1.2");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
@@ -677,7 +757,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     System.setProperty("javax.net.debug", "ssl");
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.2");
 
@@ -689,14 +769,14 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     props.setProperty(HTTP_SERVICE_SSL_CIPHERS, cipherSuites[0]);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
   public void testSSLWithMultipleCipherSuiteLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.2");
 
@@ -708,24 +788,24 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
     props.setProperty(HTTP_SERVICE_SSL_CIPHERS, cipherSuites[0] + "," + cipherSuites[1]);
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "TLSv1.2");
+    validateConnection(restEndpoint, "TLSv1.2", props);
   }
 
   @Test
   public void testMutualAuthenticationLegacy() throws Exception {
     Properties props = new Properties();
     props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
-    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
     props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
     props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "SSL");
     props.setProperty(HTTP_SERVICE_SSL_REQUIRE_AUTHENTICATION, "true");
 
-    props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, jks.getCanonicalPath());
+    props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
 
     props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, "password");
 
     String restEndpoint = startInfraWithSSL(props, false);
-    validateConnection(restEndpoint, "SSL");
+    validateConnection(restEndpoint, "SSL", props);
   }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
index 95a8fdc..f3719f7 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
@@ -109,7 +109,6 @@ public class GemFireVersion {
     if (instance == null) {
       instance = new GemFireVersion();
     }
-
     return instance;
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
index f31c543..e0c595e 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
@@ -52,10 +52,15 @@ public class SSLConfigurationFactory {
     SSLConfig sslConfig = getInstance().getRegisteredSSLConfigForComponent(sslEnabledComponent);
     if (sslConfig == null) {
       sslConfig = getInstance().createSSLConfigForComponent(sslEnabledComponent);
+      getInstance().registeredSSLConfigForComponent(sslEnabledComponent, sslConfig);
     }
     return sslConfig;
   }
 
+  private synchronized void registeredSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent,
final SSLConfig sslConfig) {
+    registeredSSLConfig.put(sslEnabledComponent, sslConfig);
+  }
+
   private SSLConfig createSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent)
{
     SSLConfig sslConfig = new SSLConfig();
     configureClusterSSL(sslConfig, sslEnabledComponent);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
index b28a9eb..44f3331 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
@@ -62,6 +62,7 @@ import javax.net.SocketFactory;
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLServerSocket;
@@ -158,26 +159,6 @@ public class SocketCreator {
    */
   private boolean ready = false;
 
-  //  /**
-  //   * True if configured to use SSL
-  //   */
-  //  private boolean useSSL;
-  //
-  //  /**
-  //   * True if configured to require client authentication
-  //   */
-  //  private boolean needClientAuth;
-  //
-  //  /**
-  //   * Space-delimited list of SSL protocols to use, 'any' allows any
-  //   */
-  //  private String[] protocols;
-  //
-  //  /**
-  //   * Space-delimited list of SSL ciphers to use, 'any' allows any
-  //   */
-  //  private String[] ciphers;
-
   /**
    * Only print this SocketCreator's config once
    */
@@ -348,7 +329,7 @@ public class SocketCreator {
   private void initialize() {
     try {
       // set p2p values...
-      if(SSLEnabledComponent.CLUSTER.equals(sslConfig.getSslEnabledComponent())){
+      if (SSLEnabledComponent.CLUSTER.equals(sslConfig.getSslEnabledComponent())) {
         if (this.sslConfig.isEnabled()) {
           System.setProperty("p2p.useSSL", "true");
           System.setProperty("p2p.oldIO", "true");
@@ -623,41 +604,64 @@ public class SocketCreator {
 
 
     @Override
-    public String chooseClientAlias(String[] arg0, Principal[] arg1, Socket arg2) {
-      // TODO Auto-generated method stub
-      return this.delegate.chooseClientAlias(arg0, arg1, arg2);
+    public String[] getClientAliases(final String s, final Principal[] principals) {
+      return delegate.getClientAliases(s, principals);
+    }
+
+    @Override
+    public String chooseClientAlias(final String[] strings, final Principal[] principals,
final Socket socket) {
+      return delegate.chooseClientAlias(strings, principals, socket);
     }
 
     @Override
-    public String chooseServerAlias(String arg0, Principal[] arg1, Socket arg2) {
-      // TODO Auto-generated method stub
-      return this.delegate.chooseServerAlias(arg0, arg1, arg2);
+    public String[] getServerAliases(final String s, final Principal[] principals) {
+      return delegate.getServerAliases(s, principals);
     }
 
     @Override
-    public X509Certificate[] getCertificateChain(String arg0) {
-      // TODO Auto-generated method stub
-      return this.delegate.getCertificateChain(arg0);
+    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
+      //      if (!StringUtils.isEmpty(this.keyAlias)) {
+      //        PrivateKey key = this.delegate.getPrivateKey(this.keyAlias);
+      //        return getKeyAlias(keyType, key);
+      //      }
+      return this.delegate.chooseServerAlias(keyType, issuers, socket);
+
     }
 
     @Override
-    public String[] getClientAliases(String arg0, Principal[] arg1) {
-      // TODO Auto-generated method stub
-      return delegate.getClientAliases(arg0, arg1);
+    public X509Certificate[] getCertificateChain(final String s) {
+      //      if (!StringUtils.isEmpty(this.keyAlias)) {
+      //        return delegate.getCertificateChain(keyAlias);
+      //      }
+      return delegate.getCertificateChain(s);
     }
 
     @Override
-    public PrivateKey getPrivateKey(String arg0) {
-      // TODO Auto-generated method stub
-      return delegate.getPrivateKey(arg0);
+    public PrivateKey getPrivateKey(final String alias) {
+      return delegate.getPrivateKey(alias);
     }
 
     @Override
-    public String[] getServerAliases(String arg0, Principal[] arg1) {
-      // TODO Auto-generated method stub
-      return delegate.getServerAliases(arg0, arg1);
+    public String chooseEngineServerAlias(final String keyType, final Principal[] principals,
final SSLEngine sslEngine) {
+      //      if (!StringUtils.isEmpty(this.keyAlias)) {
+      //        PrivateKey key = this.delegate.getPrivateKey(this.keyAlias);
+      //        return getKeyAlias(keyType, key);
+      //      }
+      return this.delegate.chooseEngineServerAlias(keyType, principals, sslEngine);
+
     }
 
+    private String getKeyAlias(final String keyType, final PrivateKey key) {
+      if (key != null) {
+        if (key.getAlgorithm().equals(keyType)) {
+          return this.keyAlias;
+        } else {
+          return null;
+        }
+      } else {
+        return null;
+      }
+    }
   }
 
   // -------------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
index 59c398e..64116e5 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
@@ -41,6 +41,7 @@ public class AgentUtil {
 
   public AgentUtil(String gemfireVersion) {
     this.gemfireVersion = gemfireVersion;
+    this.gemfireVersion = "1.0.0-incubating-SNAPSHOT";
   }
 
   /**

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
index 32d2045..8724d73 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
@@ -74,6 +74,10 @@ public class JettyHelper {
     if (sslConfig.isEnabled()) {
       SslContextFactory sslContextFactory = new SslContextFactory();
 
+      if (!StringUtils.isBlank(sslConfig.getAlias())) {
+        sslContextFactory.setCertAlias(sslConfig.getAlias());
+      }
+
       sslContextFactory.setNeedClientAuth(sslConfig.isRequireAuth());
 
       if (!StringUtils.isBlank(sslConfig.getCiphers()) && !"any".equalsIgnoreCase(sslConfig.getCiphers()))
{

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
index c9c04fd..b914484 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
@@ -245,14 +245,18 @@ public class CacheServerSSLConnectionDUnitTest extends JUnit4DistributedTestCase
     boolean cacheClientSslenabled = true;
     boolean cacheClientSslRequireAuth = true;
 
-    serverVM.invoke(() -> setUpServerVMTask(cacheServerSslenabled));
-    int port = serverVM.invoke(() -> createServerTask());
+//    serverVM.invoke(() -> setUpServerVMTask(cacheServerSslenabled));
+//    int port = serverVM.invoke(() -> createServerTask());
+
+        setUpServerVMTask(cacheServerSslenabled);
+        int port = createServerTask();
 
     String hostName = host.getHostName();
 
     clientVM.invoke(() -> setUpClientVMTask(hostName, port, cacheClientSslenabled, cacheClientSslRequireAuth,
CLIENT_KEY_STORE, CLIENT_TRUST_STORE));
     clientVM.invoke(() -> doClientRegionTestTask());
-    serverVM.invoke(() -> doServerRegionTestTask());
+//    serverVM.invoke(() -> doServerRegionTestTask());
+    doServerRegionTestTask();
   }
 
   @Test

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
index 442467f..a6d28fc 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
@@ -30,6 +30,7 @@ import com.gemstone.gemfire.distributed.SSLEnabledComponents;
 import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl;
 import com.gemstone.gemfire.test.dunit.Assert;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
+import com.gemstone.gemfire.util.test.TestUtil;
 
 @Category(UnitTest.class)
 public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
@@ -135,7 +136,7 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest
{
 
   @Test
   public void testNewSSLConfigSSLComponentCombinations1() {
-    Properties properties = configureSSLProperties(commaDelimetedString(SSLEnabledComponents.CLUSTER,
SSLEnabledComponents.SERVER));
+    Properties properties = configureSSLProperties(commaDelimitedString(SSLEnabledComponents.CLUSTER,
SSLEnabledComponents.SERVER));
 
     DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
     SocketCreatorFactory.setDistributionConfig(distributionConfig);
@@ -149,7 +150,8 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest
{
 
   @Test
   public void testNewSSLConfigSSLComponentCombinations2() {
-    Properties properties = configureSSLProperties(commaDelimetedString(SSLEnabledComponents.CLUSTER,
SSLEnabledComponents.SERVER, SSLEnabledComponents.HTTP_SERVICE, SSLEnabledComponents.JMX));
+    Properties properties = configureSSLProperties(commaDelimitedString(SSLEnabledComponents.CLUSTER,
SSLEnabledComponents.SERVER, SSLEnabledComponents
+      .HTTP_SERVICE, SSLEnabledComponents.JMX));
 
     DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
     SocketCreatorFactory.setDistributionConfig(distributionConfig);
@@ -161,6 +163,26 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest
{
     Assert.assertTrue(SocketCreatorFactory.getHTTPServiceSSLSocketCreator().useSSL());
   }
 
+  @Test
+  public void testNewSSLConfigSSLComponentSingleKeyStoreWithAlias() {
+    Properties properties = configureSSLProperties(SSLEnabledComponent.ALL.getConstant());
+
+    properties.setProperty(CLUSTER_SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKey.jks"));
+    properties.setProperty(CLUSTER_SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKeyTrust.jks"));
+
+    properties.setProperty(CLUSTER_SSL_ALIAS,"clusterKey");
+
+    DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+    SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+    Assert.assertTrue(SocketCreatorFactory.getClusterSSLSocketCreator().useSSL());
+    Assert.assertTrue(SocketCreatorFactory.getClusterSSLSocketCreator().useSSL());
+    Assert.assertTrue(SocketCreatorFactory.getGatewaySSLSocketCreator().useSSL());
+    Assert.assertTrue(SocketCreatorFactory.getJMXManagerSSLSocketCreator().useSSL());
+    Assert.assertTrue(SocketCreatorFactory.getServerSSLSocketCreator().useSSL());
+    Assert.assertTrue(SocketCreatorFactory.getHTTPServiceSSLSocketCreator().useSSL());
+  }
+
   private Properties configureSSLProperties(String sslComponents) {
     Properties properties = new Properties();
     try {
@@ -184,7 +206,7 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest
{
   }
 
 
-  private String commaDelimetedString(final String... sslComponents) {
+  private String commaDelimitedString(final String... sslComponents) {
     StringBuilder stringBuilder = new StringBuilder();
     for (String sslComponent : sslComponents) {
       stringBuilder.append(sslComponent);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
index 1e7ff69..0bfdf52 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
@@ -24,12 +24,12 @@ import java.util.Properties;
 
 import org.junit.After;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
 import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl;
+import com.gemstone.gemfire.internal.net.SSLEnabledComponent;
 import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import com.gemstone.gemfire.util.test.TestUtil;
 
@@ -69,7 +69,7 @@ public class HTTPServiceSSLSupportJUnitTest {
     return sb.toString();
   }
 
-  @Ignore("disabled for unknown reason")
+  //  @Ignore("disabled for unknown reason")
   @Test
   public void testSSLWithClusterSSL() throws Exception {
 
@@ -94,7 +94,6 @@ public class HTTPServiceSSLSupportJUnitTest {
     assertEquals(config.getHttpServiceSSLRequireAuthentication(), true);
     assertEquals(config.getHttpServiceSSLTrustStore(), jks.getCanonicalPath());
     assertEquals(config.getHttpServiceSSLTrustStorePassword(), "password");
-
   }
 
   @Test

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/gradle/java.gradle
----------------------------------------------------------------------
diff --git a/gradle/java.gradle b/gradle/java.gradle
index 4acb4da..cffbd6a 100644
--- a/gradle/java.gradle
+++ b/gradle/java.gradle
@@ -14,19 +14,26 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
+allprojects {
+  apply plugin: 'java'
+  sourceCompatibility = 1.8
+  targetCompatibility = 1.8
+  compileJava.options.encoding = 'UTF-8'
+}
 subprojects {
   apply plugin: 'java'
   
   // apply compiler options
-  gradle.taskGraph.whenReady( { graph ->
-    tasks.withType(JavaCompile).each { javac ->
-      javac.configure {
-        sourceCompatibility '1.8'
-        targetCompatibility '1.8'
-        options.encoding = 'UTF-8'
-      }
-    }
-  })
+//  gradle.taskGraph.whenReady( { graph ->
+//    tasks.withType(JavaCompile).each { javac ->
+//      javac.configure {
+//        sourceCompatibility '1.8'
+//        targetCompatibility '1.8'
+//        options.encoding = 'UTF-8'
+//      }
+//    }
+//  })
   
   // apply default manifest
   gradle.taskGraph.whenReady( { graph ->



Mime
View raw message