import io.netty.channel.Channel;
import io.netty.channel.ChannelInitializer;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import javax.net.ssl.SSLEngine;
public class SslChannelInitializer extends ChannelInitializer<Channel> {
private final SslContext context;
private final boolean startTls;
// context:傳入要使用的SslContext
// startTls:如果設置為true,第一個寫入的消息將不會被加密(客戶端應該設置為true)
public SslChannelInitializer(SslContext context,boolean startTls) {
this.context = context;
this.startTls = startTls;
}
@Override
protected void initChannel(Channel ch) throws Exception {
//對於每個SslHandler 實例,都使用Channel 的ByteBufAllocator 從SslContext 獲取一個新的SSLEngine
SSLEngine engine = context.newEngine(ch.alloc());
//將SslHandler作為第一個ChannelHandler添加到ChannelPipeline 中
ch.pipeline().addFirst("ssl",new SslHandler(engine, startTls));
}
}
