package net.bluemind.node.server;

import io.vertx.core.http.ClientAuth;
import io.vertx.core.http.HttpServerOptions;
import io.vertx.core.net.JksOptions;
import io.vertx.core.net.OpenSSLEngineOptions;
import java.io.File;
import java.util.Arrays;
import java.util.HashSet;
import net.bluemind.lib.vertx.RouteMatcher;

/* loaded from: input_file:net/bluemind/node/server/BlueMindSSLNode.class */
public class BlueMindSSLNode extends BlueMindNode {
    public static final File serverJks = new File("/etc/bm/bm.jks");
    public static final File trustClientCert = new File("/etc/bm/nodeclient_truststore.jks");

    @Override // net.bluemind.node.server.BlueMindNode
    protected int getPort() {
        return 8022;
    }

    @Override // net.bluemind.node.server.BlueMindNode
    protected void options(HttpServerOptions httpServerOptions) {
        httpServerOptions.setKeyStoreOptions(new JksOptions().setPath("/etc/bm/bm.jks").setPassword("bluemind"));
        httpServerOptions.setSsl(true);
        httpServerOptions.setEnabledSecureTransportProtocols(new HashSet(Arrays.asList("TLSv1.2", "TLSv1.3")));
        httpServerOptions.setTrustStoreOptions(new JksOptions().setPath("/etc/bm/nodeclient_truststore.jks").setPassword("password"));
        httpServerOptions.setClientAuth(ClientAuth.REQUIRED);
        httpServerOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions());
        logger.info("Configured in secure mode");
    }

    @Override // net.bluemind.node.server.BlueMindNode
    protected void router(RouteMatcher routeMatcher) {
        routeMatcher.options("/ping", httpServerRequest -> {
            httpServerRequest.response().end();
        });
    }

    public static boolean canSSL() {
        return serverJks.exists() && trustClientCert.exists();
    }
}
