Added a default keystore for ssl encryption of the YaCy web interface.

This will enable https-access to YaCy, but this feature is disabled by
default using the new server.https=false attribute. This has two
purposes:
- make it easier for everyone to use https (just set server.https=true)
- provide the basis for secure yacy-to-yacy communication in the future

defaults/yacy.init

@@ -60,11 +60,16 @@ bindPort =
 #    If the property keyStore is not specified, then a new keystore file 
 #    DATA/SETTINGS/myPeerKeystore will be created.
 
-keyStore =
-keyStorePassword =
+keyStore=defaults/freeworldKeystore
+keyStorePassword=freeworld
 pkcs12ImportFile = 
 pkcs12ImportPwd = 
 
+# the keyStore is only used, if server.https is set to true
+# if server.https=true, then the YaCy web interface is available at
+# https://localhost:<port>/ and not at http://localhost:<port>/
+server.https=false
+
 # property that collects the names of all servlets that had been used so far
 # that is used to track if the user has already done some configuration steps
 # if the used missed configuration steps that should be done, then a help system

htroot/Status.java

@@ -194,7 +194,7 @@ public class Status
         prop.put("host", hostIP != null ? hostIP.getHostAddress() : "Unkown IP");
 
         // ssl support
-        prop.put("sslSupport", sb.getConfig("keyStore", "").isEmpty() ? "0" : "1");
+        prop.put("sslSupport", sb.getConfig("keyStore", "").isEmpty() || !sb.getConfigBool("server.https", false) ? 0 : 1);
 
         if ( sb.getConfigBool("remoteProxyUse", false) ) {
             prop.put("remoteProxy", "1");

source/net/yacy/server/serverCore.java

@@ -207,7 +207,7 @@ public final class serverCore extends AbstractBusyThread implements BusyThread {
     }
 
     public boolean withSSL() {
-        return this.sslSocketFactory != null;
+        return this.sslSocketFactory != null && this.switchboard.getConfigBool("server.https", false);
     }
 
     public synchronized void init() {
@@ -367,7 +367,7 @@ public final class serverCore extends AbstractBusyThread implements BusyThread {
                 controlSocket.setSoTimeout(this.timeout);
 
                 // wrap this socket
-                if (this.sslSocketFactory != null) {
+                if (withSSL()) {
                     controlSocket = new serverCoreSocket(controlSocket);
 
                     // if the current connection is SSL we need to do a handshake
@@ -994,10 +994,19 @@ public final class serverCore extends AbstractBusyThread implements BusyThread {
         String keyStoreFileName = this.switchboard.getConfig("keyStore", "").trim();
 
         // getting the keystore pwd
-        final String keyStorePwd = this.switchboard.getConfig("keyStorePassword", "").trim();
+        String keyStorePwd = this.switchboard.getConfig("keyStorePassword", "").trim();
 
         // take a look if we have something to import
         final String pkcs12ImportFile = this.switchboard.getConfig("pkcs12ImportFile", "").trim();
+        
+        // if no keyStore and no import is defined, then set the default key
+        if (keyStoreFileName.isEmpty() && keyStorePwd.isEmpty() && pkcs12ImportFile.isEmpty()) {
+            keyStoreFileName = "defaults/freeworldKeystore";
+            keyStorePwd = "freeworld";
+            this.switchboard.setConfig("keyStore", keyStoreFileName);
+            this.switchboard.setConfig("keyStorePassword", keyStorePwd);
+        }
+        
         if (pkcs12ImportFile.length() > 0) {
             this.log.logInfo("Import certificates from import file '" + pkcs12ImportFile + "'.");
 
@@ -1092,13 +1101,10 @@ public final class serverCore extends AbstractBusyThread implements BusyThread {
                        @Override
                     public void handshakeCompleted(
                           final HandshakeCompletedEvent event) {
-                          System.out.println("Handshake finished!");
-                          System.out.println(
-                          "\t CipherSuite:" + event.getCipherSuite());
-                          System.out.println(
-                          "\t SessionId " + event.getSession());
-                          System.out.println(
-                          "\t PeerHost " + event.getSession().getPeerHost());
+                          //System.out.println("Handshake finished!");
+                          //System.out.println("\t CipherSuite:" + event.getCipherSuite());
+                          //System.out.println("\t SessionId " + event.getSession());
+                          //System.out.println("\t PeerHost " + event.getSession().getPeerHost());
                        }
                     }
                  );