package org.zowe.apiml.product.web;

import java.lang.reflect.Field;
import java.util.Arrays;
import java.util.Set;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/apiml-tomcat-common-3.0.21.jar:org/zowe/apiml/product/web/TomcatDefaultCertificate.class */
public class TomcatDefaultCertificate implements TomcatConnectorCustomizer {
    private void fixDefaultCertificate(SSLHostConfig sSLHostConfig) {
        Set<SSLHostConfigCertificate> certificates = sSLHostConfig.getCertificates();
        if (certificates.isEmpty()) {
            return;
        }
        try {
            Field declaredField = sSLHostConfig.getClass().getDeclaredField("defaultCertificate");
            declaredField.setAccessible(true);
            if (declaredField.get(sSLHostConfig) == null) {
                declaredField.set(sSLHostConfig, certificates.iterator().next());
            }
        } catch (IllegalAccessException | NoSuchFieldException e) {
            throw new IllegalStateException("Cannot update Tomcat SSL context", e);
        }
    }

    @Override // org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer
    public void customize(Connector connector) {
        Arrays.stream(connector.findSslHostConfigs()).forEach(this::fixDefaultCertificate);
    }
}
