scope serverSocketFactory_botCompanyPlusAgiBlue_keyManager.

import javax.net.*;
import javax.net.ssl.*;

static SNIKeyManager #keyManager;

static KeyManager #makeKeyManager(S domain) {
}

static char[] #getPassphrase() {
  ret trim(loadSecretTextFileMandatory(#1013896, "keystore-pass")).toCharArray();
}

static SNIKeyManager #makeSNIKeyManager() {
  L<File> dirs = listDirsContainingFileNamed(javaxSecretDir(), "keystore.p12");
  KeyManager keyManager_botCompany = keyManagerFromKeyStore(javaxSecretDir("keystore.p12"), passphrase);
  KeyManager keyManager_agiBlue = keyManagerFromKeyStore(javaxSecretDir("agi.blue/keystore.p12"), passphrase);
  KeyManager keyManager_abotsSpace = keyManagerFromKeyStore(javaxSecretDir("abots.space/keystore.p12"), passphrase);
  KeyManager keyManager_stefansOSSite = keyManagerFromKeyStore(javaxSecretDir("stefans-os.site/keystore.p12"), passphrase);

  SNIKeyManager wrappedKeyManager = new(litorderedmap(
    "botcompany.de", pair(keyManager_botCompany, "botcompany.de"),
    "agi.blue", pair(keyManager_agiBlue, "agi.blue"),
    "abots.space", pair(keyManager_abotsSpace, "abots.space"),
    "stefans-os.site", pair(keyManager_stefansOSSite, "stefans-os.site"),
    "zttnn.me", pair(keyManagerFromKeyStore(javaxSecretDir("zttnn.me/keystore.p12"), passphrase), "zttnn.me")));
}

static SSLServerSocketFactory serverSocketFactory_botCompanyPlusAgiBlue() ctex {
  KeyStore trustKeyStore = keyStoreFromFile(javaxSecretDir("botcompany.de/keystore.p12"), getPassphrase());
  SNIKeyManager wrappedKeyManager = makeSNIKeyManager();
  keyManager = wrappedKeyManager;

  //wrappedKeyManager.verbose = true;
    
  TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init(trustKeyStore);

  SSLContext ctx = SSLContext.getInstance("TLS");
  ctx.init(new KeyManager[] {wrappedKeyManager}, trustManagerFactory.getTrustManagers(), null);
  
  ret ctx.getServerSocketFactory();
}

end scope