How to enable WSS
In order to create a secure channel, you have to provide the server with a certificate. Once this is done, you should be able to start the server as normal.
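The following code is adapted from a Java-WebSocket example: https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/SSLServerExample.java
```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Example values; keep real passwords out of source code
String STORETYPE = "JKS";
String KEYSTORE = "keystore.jks";
String STOREPASSWORD = "storepassword";
String KEYPASSWORD = "keypassword";

// load up the key store (try-with-resources closes the file)
KeyStore ks = KeyStore.getInstance(STORETYPE);
try (InputStream in = new FileInputStream(KEYSTORE)) {
    ks.load(in, STOREPASSWORD.toCharArray());
}

// key managers supply the server's certificate and private key
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, KEYPASSWORD.toCharArray());

// trust managers decide which peer certificates are accepted
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
```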
Once you have the certificate as an SSLContext, you can enable WSS.
I have modified the default example code to demonstrate: https://github.com/ChargeTimeEU/Java-OCA-OCPP/blob/master/ocpp-v1_6-example/src/main/core_features/JSONServerSample.java#L123-L138
```java
server = new JSONServer(core);
server.enableWSS(sslContext); // Provide certificate to enable WSS
server.open("localhost", 8887, new ServerEvents() {
    @Override
    public void newSession(UUID sessionIndex, SessionInformation information) {
        // sessionIndex is used to send messages.
        System.out.println("New session " + sessionIndex + ": " + information.getIdentifier());
    }

    @Override
    public void lostSession(UUID sessionIndex) {
    }
});
```
To enable WSS for the client, you need much the same setup as the server. The following is adapted from this example: https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/SSLClientExample.java#L87-L104
```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Example values; keep real passwords out of source code
String STORETYPE = "JKS";
String KEYSTORE = "keystore.jks";
String STOREPASSWORD = "storepassword";
String KEYPASSWORD = "keypassword";

// load up the key store (try-with-resources closes the file)
KeyStore ks = KeyStore.getInstance(STORETYPE);
try (InputStream in = new FileInputStream(KEYSTORE)) {
    ks.load(in, STOREPASSWORD.toCharArray());
}

KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, KEYPASSWORD.toCharArray());

// Trust anchors come from this same keystore, so it must contain
// the server's certificate (or the CA that issued it)
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
```
Now that you have an SSLContext prepared, you can pass it on to the client. I have modified an example to do this: https://github.com/ChargeTimeEU/Java-OCA-OCPP/blob/master/ocpp-v1_6-example/src/main/core_features/JSONClientSample.java#L125-L126
```java
client = new JSONClient(core, "chargeboxIdentity");
client.enableWSS(sslContext);
client.connect("ws://hostname:8887", null);
```