diff --git a/handler/pom.xml b/handler/pom.xml
index 978aa2f..1b8ef3a 100644
--- a/handler/pom.xml
+++ b/handler/pom.xml
@@ -51,11 +51,6 @@
true
- org.bouncycastle
- bcpkix-jdk15on
- true
-
-
org.eclipse.jetty.npn
npn-api
true
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/BouncyCastleSelfSignedCertGenerator.java b/handler/src/main/java/io/netty/handler/ssl/util/BouncyCastleSelfSignedCertGenerator.java
deleted file mode 100644
index 88a7c9d..0000000
--- a/handler/src/main/java/io/netty/handler/ssl/util/BouncyCastleSelfSignedCertGenerator.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright 2014 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-
-package io.netty.handler.ssl.util;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-
-import static io.netty.handler.ssl.util.SelfSignedCertificate.*;
-
-/**
- * Generates a self-signed certificate using Bouncy Castle.
- */
-final class BouncyCastleSelfSignedCertGenerator {
-
- private static final Provider PROVIDER = new BouncyCastleProvider();
-
- static String[] generate(String fqdn, KeyPair keypair, SecureRandom random) throws Exception {
- PrivateKey key = keypair.getPrivate();
-
- // Prepare the information required for generating an X.509 certificate.
- X500Name owner = new X500Name("CN=" + fqdn);
- X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
- owner, new BigInteger(64, random), NOT_BEFORE, NOT_AFTER, owner, keypair.getPublic());
-
- ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(key);
- X509CertificateHolder certHolder = builder.build(signer);
- X509Certificate cert = new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(certHolder);
- cert.verify(keypair.getPublic());
-
- return newSelfSignedCertificate(fqdn, key, cert);
- }
-
- private BouncyCastleSelfSignedCertGenerator() { }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
index 54257a7..074764f 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
@@ -48,8 +48,7 @@ import java.util.Date;
* {@link java.io.File#createTempFile(String, String)}, and they are deleted when the JVM exits using
* {@link java.io.File#deleteOnExit()}.
*
- * At first, this method tries to use OpenJDK's X.509 implementation (the {@code sun.security.x509} package).
- * If it fails, it tries to use Bouncy Castle as a fallback.
+ * This method tries to use OpenJDK's X.509 implementation (the {@code sun.security.x509} package).
*
*/
public final class SelfSignedCertificate {
@@ -107,15 +106,9 @@ public final class SelfSignedCertificate {
paths = OpenJdkSelfSignedCertGenerator.generate(fqdn, keypair, random);
} catch (Throwable t) {
logger.debug("Failed to generate a self-signed X.509 certificate using sun.security.x509:", t);
- try {
- // Try Bouncy Castle if the current JVM didn't have sun.security.x509.
- paths = BouncyCastleSelfSignedCertGenerator.generate(fqdn, keypair, random);
- } catch (Throwable t2) {
- logger.debug("Failed to generate a self-signed X.509 certificate using Bouncy Castle:", t2);
- throw new CertificateException(
- "No provider succeeded to generate a self-signed certificate. " +
- "See debug log for the root cause.");
- }
+ throw new CertificateException(
+ "No provider succeeded to generate a self-signed certificate. " +
+ "See debug log for the root cause.");
}
certificate = new File(paths[0]);
diff --git a/pom.xml b/pom.xml
index b68f446..4a5cbd4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -677,19 +677,6 @@
true
-
-
- org.bouncycastle
- bcpkix-jdk15on
- 1.50
- compile
- true
-
-
com.jcraft
jzlib