密鑰庫加載

我想知道什麼是在下面的Java中的等價物：密鑰庫加載

-Djavax.net.ssl.trustStore=keystore.jks -Djavax.net.ssl.keyStore=keystore.jks 
-Djavax.net.debug=ssl -Djavax.net.ssl.keyStorePassword=test JavaFile

我想，否則加載密鑰庫比發送它作爲命令行參數。我一直在與：

private TcpLink createSSL() { 
     KeyStore keyStore = null; 
     TrustManagerFactory tmf = null; 
     SSLContext ctx = null; 
     SSLSocket socket = null; 
     TcpLink smscLink = null; 

     try { 
      keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
      LOGGER.info("Got keystore"); 
      keyStore.load(new FileInputStream("/root/keystore.jks"), "test".toCharArray()); 
      LOGGER.info("Loaded keystore"); 
      tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); 
      tmf.init(keyStore); 
      LOGGER.info("Inited keystore"); 
      ctx = SSLContext.getInstance("TLSv1"); 
      ctx.init(null, tmf.getTrustManagers(), null); 
      SSLSocketFactory factory = ctx.getSocketFactory(); 
      socket = (SSLSocket)factory.createSocket("100.100.201.189", 8807); 
      LOGGER.info("Got socket"); 
      smscLink = new TcpLink(socket); 

      return smscLink; 

     } catch (KeyStoreException e) { 
      LOGGER.error("Key store exception : " + e); 
     } catch (NoSuchAlgorithmException e) { 
      LOGGER.error("NoSuchAlgorithmException : " + e); 
     } catch (CertificateException e) { 
      LOGGER.error("CertificateException : " + e); 
     } catch (FileNotFoundException e) { 
      LOGGER.error("FileNotFoundException : " + e); 
     } catch (IOException e) { 
      LOGGER.error("FileNotFoundException : " + e); 
     } catch (KeyManagementException e) { 
      LOGGER.error("KeyManagementException : " + e); 
     } catch (Exception e) { 
      LOGGER.error("Exception : " + e); 
     } 
     return null; 
    }

，但我得到：

javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1293) 
     at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65) 
     at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)

任何想法，歡迎！

THX

來源

2013-01-25 Sergiu

您可以設置系統屬性是這樣的：

System.setProperty("javax.net.ssl.keyStore", '/path/to/keystore.jks'); 
System.setProperty("javax.net.ssl.keyStorePassword", 'your-password-here');

它們將被用於全系統的（在JVM的這種情況下），所以也許你想在初始化時間去做。

來源

2013-01-25 13:46:39 gaborsch

入門產生的原因：sun.security.validator.ValidatorException：PKIX路徑建設失敗：sun.security.provider.certpath.SunCertPathBuilderException：無法找到在sun.security.validator.PKIXValidator.doBuild（PKIXValidator.java:323）有效的認證路徑要求的目標在sun.security.validator.PKIXValidator.engineValidate（PKIXValidator.java:217）這些變化 – Sergiu

我真的使用Linux，btw – Sergiu

@Sergiu這是由*信任庫引起的問題。您的信任庫不信任服務器證書。 – EJP

它可以使用這段代碼：

KeyManagerFactory kmf = 
    KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); 
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
keyStore.load(this.getCertificateContent(), "test".toCharArray()); 
kmf.init(keyStore, "test".toCharArray()); 

TrustManagerFactory tmf = 
    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); 
tmf.init(keyStore); 
SSLContext ctx = SSLContext.getInstance("TLSv1"); 
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); 
SSLSocketFactory factory = ctx.getSocketFactory(); 
socket = (SSLSocket)factory.createSocket("100.125.100.1", 8775);

來源

2013-02-04 07:30:10 Sergiu

在你的案例中使用密鑰庫沒有意義，只需使用'ctx.init（null，tmf.getTrustManagers（），null）'。 – Bruno

-2

如果你想，下面是創建的SSLSocket和SSLServerSocket easyly的API：

https://github.com/gpotter2/SSLKeystoreFactories

它不需要任何其他jar文件。 ...只是得到的文件，並使用它們：

SSLSocket s = SSLSocketKeystoreFactory.getSocketWithCert(ip, port, Main.class.getResourceAsStream("/mykey.jks"), "password")

或者：

SSLServerSocket s = SSLServerSocketKeystoreFactory.getSocketWithCert(port, Main.class.getResourceAsStream("/mykey.jks"), "password")

這是非常容易使用:)

來源

2015-07-23 13:14:48 mike345

回答

相關問題