diff --git a/java/server/src/org/openqa/selenium/grid/server/BaseServerFlags.java b/java/server/src/org/openqa/selenium/grid/server/BaseServerFlags.java index 8102c9e0f7b35..ca5c3cea041d6 100644 --- a/java/server/src/org/openqa/selenium/grid/server/BaseServerFlags.java +++ b/java/server/src/org/openqa/selenium/grid/server/BaseServerFlags.java @@ -61,6 +61,10 @@ public class BaseServerFlags { @ConfigValue(section = "server", name = "https-certificate") private String httpsCertificate; + @Parameter(description = "Use a self-signed certificate for HTTPS communication", names = "--self-signed-https", hidden = true) + @ConfigValue(section = "server", name = "https-self-signed") + private boolean isSelfSigned = false; + public BaseServerFlags(int defaultPort) { this.port = defaultPort; } diff --git a/java/server/src/org/openqa/selenium/grid/server/BaseServerOptions.java b/java/server/src/org/openqa/selenium/grid/server/BaseServerOptions.java index 460f507aa186c..4364f0038e544 100644 --- a/java/server/src/org/openqa/selenium/grid/server/BaseServerOptions.java +++ b/java/server/src/org/openqa/selenium/grid/server/BaseServerOptions.java @@ -117,4 +117,8 @@ public File getCertificate() { } throw new ConfigException("you must provide a certificate via --https-certificate when using --https"); } + + public boolean isSelfSigned() { + return config.getBool("server", "https-self-signed").orElse(false); + } } diff --git a/java/server/src/org/openqa/selenium/netty/server/NettyServer.java b/java/server/src/org/openqa/selenium/netty/server/NettyServer.java index 56db4dedc891c..bfa0a85448e83 100644 --- a/java/server/src/org/openqa/selenium/netty/server/NettyServer.java +++ b/java/server/src/org/openqa/selenium/netty/server/NettyServer.java @@ -27,6 +27,7 @@ import io.netty.handler.logging.LoggingHandler; import io.netty.handler.ssl.SslContext; import io.netty.handler.ssl.SslContextBuilder; +import io.netty.handler.ssl.util.SelfSignedCertificate; import org.openqa.selenium.grid.server.AddWebDriverSpecHeaders; import org.openqa.selenium.grid.server.BaseServerOptions; import org.openqa.selenium.grid.server.Server; @@ -38,6 +39,7 @@ import java.net.MalformedURLException; import javax.net.ssl.SSLException; import java.net.URL; +import java.security.cert.CertificateException; import java.util.Objects; public class NettyServer implements Server { @@ -63,7 +65,14 @@ public NettyServer(BaseServerOptions options, HttpHandler handler) { } catch (SSLException e) { throw new UncheckedIOException(new IOException("Certificate problem.", e)); } - + } else if (options.isSelfSigned()) { + try { + SelfSignedCertificate cert = new SelfSignedCertificate(); + sslCtx = SslContextBuilder.forServer(cert.certificate(), cert.privateKey()) + .build(); + } catch (CertificateException | SSLException e) { + throw new UncheckedIOException(new IOException("Self-signed certificate problem.", e)); + } } else { sslCtx = null; }