import io.netty.channel.Channel;
import io.netty.channel.ChannelInitializer;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import javax.net.ssl.SSLEngine;
public class SslChannelInitializer extends ChannelInitializer<Channel> {
private final SslContext context;
private final boolean startTls;
// context:传入要使用的SslContext
// startTls:如果设置为true,第一个写入的消息将不会被加密(客户端应该设置为true)
public SslChannelInitializer(SslContext context,boolean startTls) {
this.context = context;
this.startTls = startTls;
}
@Override
protected void initChannel(Channel ch) throws Exception {
//对于每个SslHandler 实例,都使用Channel 的ByteBufAllocator 从SslContext 获取一个新的SSLEngine
SSLEngine engine = context.newEngine(ch.alloc());
//将SslHandler作为第一个ChannelHandler添加到ChannelPipeline 中
ch.pipeline().addFirst("ssl",new SslHandler(engine, startTls));
}
}