Use single SSL context for mqtt transport

Igor Kulikov
1 parent b3dc4414
Showing 1 changed file with 13 additions and 13 deletions
common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
--- a/common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
View file @a230e58
+++ b/common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
View file @a230e58
@@ -68,16 +68,23 @@ public class MqttSslHandlerProvider {
     @Autowired
     private TransportService transportService;
 
-    private SSLEngine sslEngine;
+    private SSLContext sslContext;
 
     public SslHandler getSslHandler() {
-        if (sslEngine == null) {
-            sslEngine = createSslEngine();
+        if (sslContext == null) {
+            sslContext = createSslContext();
         }
+        SSLEngine sslEngine = sslContext.createSSLEngine();
+        sslEngine.setUseClientMode(false);
+        sslEngine.setNeedClientAuth(false);
+        sslEngine.setWantClientAuth(true);
+        sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
+        sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
+        sslEngine.setEnableSessionCreation(true);
         return new SslHandler(sslEngine);
     }
 
-    private SSLEngine createSslEngine() {
+    private SSLContext createSslContext() {
         try {
             TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
             KeyStore trustStore = KeyStore.getInstance(keyStoreType);
@@ -101,17 +108,10 @@ public class MqttSslHandlerProvider {
             }
             SSLContext sslContext = SSLContext.getInstance(sslProtocol);
             sslContext.init(km, tm, null);
-            SSLEngine sslEngine = sslContext.createSSLEngine();
-            sslEngine.setUseClientMode(false);
-            sslEngine.setNeedClientAuth(false);
-            sslEngine.setWantClientAuth(true);
-            sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
-            sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
-            sslEngine.setEnableSessionCreation(true);
-            return sslEngine;
+            return sslContext;
         } catch (Exception e) {
             log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
-            throw new RuntimeException("Failed to get SSL engine", e);
+            throw new RuntimeException("Failed to get SSL context", e);
         }
     }