How to provide custom SSLContext to Netty server on spring boot

Question

How can we configure a custom SSLContext to a spring boot application with Netty server?

From the source code, I see 'reactor.ipc.netty.http.server.HttpServerOptions' which are some server startup options, but I don't find a way to configure them.

Is there any handler through which we can inject our custom SSLContext?

I am looking something similar to this (Spring 5 WebClient using ssl) where WebClient is configured with a custom SSLContext through 'reactor.ipc.netty.http.client.HttpClientOptions'.

Answer 1

Netty can be customized like blow example in spring-boot 2.

  import org.springframework.boot.SpringApplication;
  import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
  import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory;
  import org.springframework.boot.web.server.ErrorPage;
  import org.springframework.boot.web.server.Ssl;
  import org.springframework.boot.web.server.WebServerFactoryCustomizer;
  import org.springframework.context.annotation.Bean;
  import org.springframework.context.annotation.Configuration;
  import org.springframework.context.annotation.ImportResource;

  /**
   * author : Mohammad Ghoreishi
   */
  @Configuration
  @ImportResource({"classpath:convert-iban-service.xml", "classpath:config-loader-context.xml", "classpath*:error-resolver.xml"})
  @EnableAutoConfiguration
  public class Application {

    public static void main(String[] args) throws Exception {
      SpringApplication.run(Application.class, args);
    }

    @Bean
    public WebServerFactoryCustomizer<NettyReactiveWebServerFactory> customizer(){
      return new WebServerFactoryCustomizer<NettyReactiveWebServerFactory>() {
        @Override
        public void customize(NettyReactiveWebServerFactory factory) {
          Ssl ssl = new Ssl();
          // Your SSL Cusomizations
          ssl.setEnabled(true);
          ssl.setKeyStore("/path/to/keystore/keystore.jks");
          ssl.setKeyAlias("alias");
          ssl.setKeyPassword("password");
          factory.setSsl(ssl);
          factory.addErrorPages(new ErrorPage("/errorPage"));
        }
      };
    }
  }