Update HttpContactPointBootstrap.scala

pjfanning · pjfanning · commit 199650ba6c37 · 2025-11-18T01:00:55.000+01:00
diff --git a/management-cluster-bootstrap/src/main/scala/org/apache/pekko/management/cluster/bootstrap/internal/HttpContactPointBootstrap.scala b/management-cluster-bootstrap/src/main/scala/org/apache/pekko/management/cluster/bootstrap/internal/HttpContactPointBootstrap.scala
@@ -62,6 +62,26 @@ private[bootstrap] object HttpContactPointBootstrap {
 
   private case object ProbeTick extends DeadLetterSuppression
   private val ProbingTimerKey = "probing-key"
+
+  def generateSSLContext(settings: ClusterBootstrapSettings): SSLContext = {
+    val factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
+    val keyStore = KeyStore.getInstance("PKCS12")
+    keyStore.load(null)
+    factory.init(keyStore, Array.empty)
+    val km: Array[KeyManager] = factory.getKeyManagers
+    val caPath = settings.contactPoint.httpClient.caPath.trim
+    val tm: Array[TrustManager] = if (caPath.isEmpty) {
+      Array.empty
+    } else {
+      val certificates = PemManagersProvider.loadCertificates(caPath)
+      PemManagersProvider.buildTrustManagers(certificates)
+    }
+    val tlsVersion = settings.contactPoint.httpClient.tlsVersion.trim
+    val random: SecureRandom = new SecureRandom
+    val sslContext = SSLContext.getInstance(tlsVersion)
+    sslContext.init(km, tm, random)
+    sslContext
+  }
 }
 
 /**
@@ -95,28 +115,8 @@ private[bootstrap] class HttpContactPointBootstrap(
 
   private implicit val sys: ActorSystem = context.system
 
-  private lazy val sslContext = {
-    val factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
-    val keyStore = KeyStore.getInstance("PKCS12")
-    keyStore.load(null)
-    factory.init(keyStore, Array.empty)
-    val km: Array[KeyManager] = factory.getKeyManagers
-    val caPath = settings.contactPoint.httpClient.caPath.trim
-    val tm: Array[TrustManager] = if (caPath.isEmpty) {
-      Array.empty
-    } else {
-      val certificates = PemManagersProvider.loadCertificates(caPath)
-      PemManagersProvider.buildTrustManagers(certificates)
-    }
-    val tlsVersion = settings.contactPoint.httpClient.tlsVersion.trim
-    val random: SecureRandom = new SecureRandom
-    val sslContext = SSLContext.getInstance(tlsVersion)
-    sslContext.init(km, tm, random)
-    sslContext
-  }
-
   private lazy val clientSslContext: HttpsConnectionContext =
-    ConnectionContext.httpsClient(sslContext)
+    ConnectionContext.httpsClient(HttpContactPointBootstrap.generateSSLContext(settings))
 
   private val http = Http()
 
