diff --git a/extensions/reactive-datasource/runtime/src/main/java/io/quarkus/reactive/datasource/runtime/DataSourceReactiveRuntimeConfig.java b/extensions/reactive-datasource/runtime/src/main/java/io/quarkus/reactive/datasource/runtime/DataSourceReactiveRuntimeConfig.java
index d32debf3cc083..900314498daa3 100644
--- a/extensions/reactive-datasource/runtime/src/main/java/io/quarkus/reactive/datasource/runtime/DataSourceReactiveRuntimeConfig.java
+++ b/extensions/reactive-datasource/runtime/src/main/java/io/quarkus/reactive/datasource/runtime/DataSourceReactiveRuntimeConfig.java
@@ -6,6 +6,10 @@
import io.quarkus.runtime.annotations.ConfigItem;
import io.quarkus.runtime.annotations.ConfigPhase;
import io.quarkus.runtime.annotations.ConfigRoot;
+import io.quarkus.vertx.core.runtime.config.JksConfiguration;
+import io.quarkus.vertx.core.runtime.config.PemKeyCertConfiguration;
+import io.quarkus.vertx.core.runtime.config.PemTrustCertConfiguration;
+import io.quarkus.vertx.core.runtime.config.PfxConfiguration;
/**
* For now, the reactive extensions only support a default datasource.
@@ -24,4 +28,58 @@ public class DataSourceReactiveRuntimeConfig {
*/
@ConfigItem
public OptionalInt maxSize;
+
+ /**
+ * Whether all server certificates should be trusted.
+ */
+ @ConfigItem(defaultValue = "false")
+ public boolean trustAll;
+
+ /**
+ * Trust configuration in the PEM format.
+ *
+ * When enabled, {@link #trustCertificateJks} and {@link #trustCertificatePfx} must be disabled.
+ */
+ @ConfigItem
+ public PemTrustCertConfiguration trustCertificatePem;
+
+ /**
+ * Trust configuration in the JKS format.
+ *
+ * When enabled, {@link #trustCertificatePem} and {@link #trustCertificatePfx} must be disabled.
+ */
+ @ConfigItem
+ public JksConfiguration trustCertificateJks;
+
+ /**
+ * Trust configuration in the PFX format.
+ *
+ * When enabled, {@link #trustCertificateJks} and {@link #trustCertificatePem} must be disabled.
+ */
+ @ConfigItem
+ public PfxConfiguration trustCertificatePfx;
+
+ /**
+ * Key/cert configuration in the PEM format.
+ *
+ * When enabled, {@link #keyCertificateJks} and {@link #keyCertificatePfx} must be disabled.
+ */
+ @ConfigItem
+ public PemKeyCertConfiguration keyCertificatePem;
+
+ /**
+ * Key/cert configuration in the JKS format.
+ *
+ * When enabled, {@link #keyCertificatePem} and {@link #keyCertificatePfx} must be disabled.
+ */
+ @ConfigItem
+ public JksConfiguration keyCertificateJks;
+
+ /**
+ * Key/cert configuration in the PFX format.
+ *
+ * When enabled, {@link #keyCertificateJks} and {@link #keyCertificatePem} must be disabled.
+ */
+ @ConfigItem
+ public PfxConfiguration keyCertificatePfx;
}
diff --git a/extensions/reactive-mysql-client/deployment/src/main/java/io/quarkus/reactive/mysql/client/deployment/ReactiveMySQLClientProcessor.java b/extensions/reactive-mysql-client/deployment/src/main/java/io/quarkus/reactive/mysql/client/deployment/ReactiveMySQLClientProcessor.java
index 4ca7cfc810df4..473fb56c18519 100644
--- a/extensions/reactive-mysql-client/deployment/src/main/java/io/quarkus/reactive/mysql/client/deployment/ReactiveMySQLClientProcessor.java
+++ b/extensions/reactive-mysql-client/deployment/src/main/java/io/quarkus/reactive/mysql/client/deployment/ReactiveMySQLClientProcessor.java
@@ -11,6 +11,7 @@
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.annotations.ExecutionTime;
import io.quarkus.deployment.annotations.Record;
+import io.quarkus.deployment.builditem.ExtensionSslNativeSupportBuildItem;
import io.quarkus.deployment.builditem.FeatureBuildItem;
import io.quarkus.deployment.builditem.ServiceStartBuildItem;
import io.quarkus.deployment.builditem.ShutdownContextBuildItem;
@@ -42,6 +43,7 @@ ServiceStartBuildItem build(BuildProducer feature,
MySQLPoolRecorder recorder,
VertxBuildItem vertx,
BeanContainerBuildItem beanContainer, ShutdownContextBuildItem shutdown,
+ BuildProducer sslNativeSupport,
DataSourcesBuildTimeConfig dataSourcesBuildTimeConfig, DataSourcesRuntimeConfig dataSourcesRuntimeConfig,
DataSourceReactiveBuildTimeConfig dataSourceReactiveBuildTimeConfig,
DataSourceReactiveRuntimeConfig dataSourceReactiveRuntimeConfig,
@@ -72,6 +74,9 @@ ServiceStartBuildItem build(BuildProducer feature,
boolean isDefault = true; // assume always the default pool for now
vertxPool.produce(new VertxPoolBuildItem(mySqlPool, DatabaseKind.MYSQL, isDefault));
+ // Enable SSL support by default
+ sslNativeSupport.produce(new ExtensionSslNativeSupportBuildItem(Feature.REACTIVE_MYSQL_CLIENT));
+
return serviceStart;
}
diff --git a/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/DataSourceReactiveMySQLConfig.java b/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/DataSourceReactiveMySQLConfig.java
index e59d6dc629f38..6f3bd3688a311 100644
--- a/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/DataSourceReactiveMySQLConfig.java
+++ b/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/DataSourceReactiveMySQLConfig.java
@@ -5,6 +5,7 @@
import io.quarkus.runtime.annotations.ConfigItem;
import io.quarkus.runtime.annotations.ConfigPhase;
import io.quarkus.runtime.annotations.ConfigRoot;
+import io.vertx.mysqlclient.SslMode;
@ConfigRoot(name = "datasource.reactive.mysql", phase = ConfigPhase.RUN_TIME)
public class DataSourceReactiveMySQLConfig {
@@ -26,4 +27,13 @@ public class DataSourceReactiveMySQLConfig {
*/
@ConfigItem
public Optional collation;
+
+ /**
+ * Desired security state of the connection to the server.
+ *
+ * See MySQL Reference
+ * Manual.
+ */
+ @ConfigItem(defaultValueDocumentation = "disabled")
+ public Optional sslMode;
}
diff --git a/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/MySQLPoolRecorder.java b/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/MySQLPoolRecorder.java
index 4cebcf047df15..d0926fda274e6 100644
--- a/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/MySQLPoolRecorder.java
+++ b/extensions/reactive-mysql-client/runtime/src/main/java/io/quarkus/reactive/mysql/client/runtime/MySQLPoolRecorder.java
@@ -2,6 +2,12 @@
import static io.quarkus.credentials.CredentialsProvider.PASSWORD_PROPERTY_NAME;
import static io.quarkus.credentials.CredentialsProvider.USER_PROPERTY_NAME;
+import static io.quarkus.vertx.core.runtime.SSLConfigHelper.configureJksKeyCertOptions;
+import static io.quarkus.vertx.core.runtime.SSLConfigHelper.configureJksTrustOptions;
+import static io.quarkus.vertx.core.runtime.SSLConfigHelper.configurePemKeyCertOptions;
+import static io.quarkus.vertx.core.runtime.SSLConfigHelper.configurePemTrustOptions;
+import static io.quarkus.vertx.core.runtime.SSLConfigHelper.configurePfxKeyCertOptions;
+import static io.quarkus.vertx.core.runtime.SSLConfigHelper.configurePfxTrustOptions;
import java.util.Map;
@@ -122,6 +128,20 @@ private MySQLConnectOptions toMySQLConnectOptions(DataSourceRuntimeConfig dataSo
mysqlConnectOptions.setCollation(dataSourceReactiveMySQLConfig.collation.get());
}
+ if (dataSourceReactiveMySQLConfig.sslMode.isPresent()) {
+ mysqlConnectOptions.setSslMode(dataSourceReactiveMySQLConfig.sslMode.get());
+ }
+
+ mysqlConnectOptions.setTrustAll(dataSourceReactiveRuntimeConfig.trustAll);
+
+ configurePemTrustOptions(mysqlConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificatePem);
+ configureJksTrustOptions(mysqlConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificateJks);
+ configurePfxTrustOptions(mysqlConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificatePfx);
+
+ configurePemKeyCertOptions(mysqlConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificatePem);
+ configureJksKeyCertOptions(mysqlConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificateJks);
+ configurePfxKeyCertOptions(mysqlConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificatePfx);
+
return mysqlConnectOptions;
}
diff --git a/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/DataSourceReactivePostgreSQLConfig.java b/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/DataSourceReactivePostgreSQLConfig.java
index 05537f39dd971..a1748ff6ec047 100644
--- a/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/DataSourceReactivePostgreSQLConfig.java
+++ b/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/DataSourceReactivePostgreSQLConfig.java
@@ -6,10 +6,6 @@
import io.quarkus.runtime.annotations.ConfigItem;
import io.quarkus.runtime.annotations.ConfigPhase;
import io.quarkus.runtime.annotations.ConfigRoot;
-import io.quarkus.vertx.core.runtime.config.JksConfiguration;
-import io.quarkus.vertx.core.runtime.config.PemKeyCertConfiguration;
-import io.quarkus.vertx.core.runtime.config.PemTrustCertConfiguration;
-import io.quarkus.vertx.core.runtime.config.PfxConfiguration;
import io.vertx.pgclient.SslMode;
@ConfigRoot(name = "datasource.reactive.postgresql", phase = ConfigPhase.RUN_TIME)
@@ -35,52 +31,4 @@ public class DataSourceReactivePostgreSQLConfig {
*/
@ConfigItem(defaultValueDocumentation = "disable")
public Optional sslMode;
-
- /**
- * Trust configuration in the PEM format.
- *
- * When enabled, {@link #trustCertificateJks} and {@link #trustCertificatePfx} must be disabled.
- */
- @ConfigItem
- public PemTrustCertConfiguration trustCertificatePem;
-
- /**
- * Trust configuration in the JKS format.
- *
- * When enabled, {@link #trustCertificatePem} and {@link #trustCertificatePfx} must be disabled.
- */
- @ConfigItem
- public JksConfiguration trustCertificateJks;
-
- /**
- * Trust configuration in the PFX format.
- *
- * When enabled, {@link #trustCertificateJks} and {@link #trustCertificatePem} must be disabled.
- */
- @ConfigItem
- public PfxConfiguration trustCertificatePfx;
-
- /**
- * Key/cert configuration in the PEM format.
- *
- * When enabled, {@link #keyCertificateJks} and {@link #keyCertificatePfx} must be disabled.
- */
- @ConfigItem
- public PemKeyCertConfiguration keyCertificatePem;
-
- /**
- * Key/cert configuration in the JKS format.
- *
- * When enabled, {@link #keyCertificatePem} and {@link #keyCertificatePfx} must be disabled.
- */
- @ConfigItem
- public JksConfiguration keyCertificateJks;
-
- /**
- * Key/cert configuration in the PFX format.
- *
- * When enabled, {@link #keyCertificateJks} and {@link #keyCertificatePem} must be disabled.
- */
- @ConfigItem
- public PfxConfiguration keyCertificatePfx;
}
diff --git a/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/PgPoolRecorder.java b/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/PgPoolRecorder.java
index 2500c97dc06c6..b6adc5c95c24d 100644
--- a/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/PgPoolRecorder.java
+++ b/extensions/reactive-pg-client/runtime/src/main/java/io/quarkus/reactive/pg/client/runtime/PgPoolRecorder.java
@@ -131,13 +131,15 @@ private PgConnectOptions toPgConnectOptions(DataSourceRuntimeConfig dataSourceRu
pgConnectOptions.setSslMode(dataSourceReactivePostgreSQLConfig.sslMode.get());
}
- configurePemTrustOptions(pgConnectOptions, dataSourceReactivePostgreSQLConfig.trustCertificatePem);
- configureJksTrustOptions(pgConnectOptions, dataSourceReactivePostgreSQLConfig.trustCertificateJks);
- configurePfxTrustOptions(pgConnectOptions, dataSourceReactivePostgreSQLConfig.trustCertificatePfx);
+ pgConnectOptions.setTrustAll(dataSourceReactiveRuntimeConfig.trustAll);
- configurePemKeyCertOptions(pgConnectOptions, dataSourceReactivePostgreSQLConfig.keyCertificatePem);
- configureJksKeyCertOptions(pgConnectOptions, dataSourceReactivePostgreSQLConfig.keyCertificateJks);
- configurePfxKeyCertOptions(pgConnectOptions, dataSourceReactivePostgreSQLConfig.keyCertificatePfx);
+ configurePemTrustOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificatePem);
+ configureJksTrustOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificateJks);
+ configurePfxTrustOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.trustCertificatePfx);
+
+ configurePemKeyCertOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificatePem);
+ configureJksKeyCertOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificateJks);
+ configurePfxKeyCertOptions(pgConnectOptions, dataSourceReactiveRuntimeConfig.keyCertificatePfx);
return pgConnectOptions;
}