package org.apache.directory.server.ssl;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateException;
import javax.naming.NamingException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.directory.server.configuration.ServerStartupConfiguration;
import org.apache.directory.server.ssl.support.ServerX509TrustManager;
import org.apache.mina.common.DefaultIoFilterChainBuilder;
import org.apache.mina.common.IoFilterChainBuilder;
import org.apache.mina.filter.SSLFilter;

/* loaded from: input_file:org/apache/directory/server/ssl/LdapsInitializer.class */
public class LdapsInitializer {
    public static IoFilterChainBuilder init(ServerStartupConfiguration serverStartupConfiguration) throws NamingException {
        KeyStore loadKeyStore;
        char[] charArray = serverStartupConfiguration.getLdapsCertificatePassword().toCharArray();
        String path = serverStartupConfiguration.getLdapsCertificateFile().getPath();
        try {
            loadKeyStore = loadKeyStore(path, "PKCS12");
        } catch (Exception e) {
            try {
                loadKeyStore = loadKeyStore(path, "JKS");
            } catch (Exception e2) {
                throw new NamingException("Failed to load a certificate: " + path).initCause(e);
            }
        }
        try {
            String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
            if (property == null) {
                property = "SunX509";
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(property);
            keyManagerFactory.init(loadKeyStore, charArray);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{new ServerX509TrustManager()}, new SecureRandom());
            DefaultIoFilterChainBuilder defaultIoFilterChainBuilder = new DefaultIoFilterChainBuilder();
            defaultIoFilterChainBuilder.addLast("SSL", new SSLFilter(sSLContext));
            return defaultIoFilterChainBuilder;
        } catch (Exception e3) {
            throw new NamingException("Failed to create a SSL context.").initCause(e3);
        }
    }

    private static KeyStore loadKeyStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        FileInputStream fileInputStream = null;
        KeyStore keyStore = KeyStore.getInstance(str2);
        try {
            fileInputStream = new FileInputStream(str);
            keyStore.load(fileInputStream, null);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                }
            }
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }
}
