package net.e6tech.elements.web.cxf.tomcat;

import java.net.URL;
import java.util.Objects;
import net.e6tech.elements.web.cxf.CXFServer;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;

/* loaded from: input_file:net/e6tech/elements/web/cxf/tomcat/TomcatSSL.class */
public class TomcatSSL {
    /* JADX INFO: Access modifiers changed from: protected */
    public Connector createConnector() {
        return new Connector("org.apache.coyote.http11.Http11Nio2Protocol");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Connector initialize(CXFServer cXFServer, URL url, Connector connector) {
        if ("https".equals(url.getProtocol())) {
            connector.setSecure(true);
            connector.setScheme("https");
            connector.setProperty("protocol", "HTTP/1.1");
            connector.setProperty("SSLEnabled", "true");
            connector.setProperty("defaultSSLHostConfigName", url.getHost());
            if (cXFServer.getKeyStoreFile() == null && cXFServer.getKeyStore() == null && cXFServer.getSelfSignedCert() == null) {
                throw new IllegalArgumentException("Missing keyStoreFile or keyStore");
            }
            SSLHostConfig sSLHostConfig = new SSLHostConfig();
            sSLHostConfig.setHostName(url.getHost());
            initializeHostConfig(cXFServer, connector, sSLHostConfig);
            if (cXFServer.getClientAuth() != null) {
                sSLHostConfig.setCertificateVerification(cXFServer.getClientAuth());
            }
            sSLHostConfig.setSslProtocol(cXFServer.getSslProtocol());
            customize(cXFServer, connector, sSLHostConfig);
            connector.addSslHostConfig(sSLHostConfig);
        }
        if (!cXFServer.isSendServerVersion()) {
            connector.setProperty("server", "Elements");
        }
        return connector;
    }

    protected void initializeHostConfig(CXFServer cXFServer, Connector connector, SSLHostConfig sSLHostConfig) {
        Objects.requireNonNull(connector);
        if (cXFServer.getKeyStoreFile() != null) {
            sSLHostConfig.setCertificateKeystoreFile(cXFServer.getKeyStoreFile());
            if (cXFServer.getKeyStorePassword() != null) {
                sSLHostConfig.setCertificateKeystorePassword(new String(cXFServer.getKeyStorePassword()));
            }
            if (cXFServer.getKeyManagerPassword() != null) {
                sSLHostConfig.setCertificateKeyPassword(new String(cXFServer.getKeyManagerPassword()));
            }
            sSLHostConfig.setCertificateKeystoreType(cXFServer.getKeyStoreFormat());
            return;
        }
        if (cXFServer.getKeyStore() == null) {
            SSLHostConfigCertificate sSLHostConfigCertificate = new SSLHostConfigCertificate(sSLHostConfig, SSLHostConfigCertificate.Type.UNDEFINED);
            sSLHostConfigCertificate.setCertificateKeystore(cXFServer.getSelfSignedCert().getKeyStore());
            sSLHostConfigCertificate.setCertificateKeystorePassword(new String(cXFServer.getSelfSignedCert().getPassword()));
            sSLHostConfigCertificate.setCertificateKeyPassword(new String(cXFServer.getSelfSignedCert().getPassword()));
            sSLHostConfig.addCertificate(sSLHostConfigCertificate);
            return;
        }
        SSLHostConfigCertificate sSLHostConfigCertificate2 = new SSLHostConfigCertificate(sSLHostConfig, SSLHostConfigCertificate.Type.UNDEFINED);
        sSLHostConfigCertificate2.setCertificateKeystore(cXFServer.getKeyStore());
        if (cXFServer.getKeyStorePassword() != null) {
            sSLHostConfigCertificate2.setCertificateKeystorePassword(new String(cXFServer.getKeyStorePassword()));
        }
        if (cXFServer.getKeyManagerPassword() != null) {
            sSLHostConfigCertificate2.setCertificateKeyPassword(new String(cXFServer.getKeyManagerPassword()));
        }
        sSLHostConfig.addCertificate(sSLHostConfigCertificate2);
    }

    protected void customize(CXFServer cXFServer, Connector connector, SSLHostConfig sSLHostConfig) {
    }
}
