1. 首頁
  2. 問答
  3. 安全灰熊HttpServer(HTTPS)

安全灰熊HttpServer(HTTPS)

2017-01-28 49 views
1

目前我有一個問題讓我的灰熊服務器運行HTTPS。我將它與澤西島結合使用。安全灰熊HttpServer(HTTPS)

灰熊的版本是:2.3.23

新澤西版本:2.24.1

這裏是我啓動服務器:

public class Main { 
public static final String BASE_URI = "https://localhost:8443/api/"; 
private static final String KEYSTORE_LOC = "I:\\rest-api\\keystore"; 
//private static final String KEYSTORE_LOC = "./server.cert"; 
private static final String KEYSTORE_PASS= "somepw123"; 

public static HttpServer startServer() { 

    final ResourceConfig rc = new ResourceConfig() 
      .register(MultiPartFeature.class) 
      .packages("com.restapi"); 


    SSLContextConfigurator sslCon = new SSLContextConfigurator(); 

    sslCon.setKeyStoreFile(KEYSTORE_LOC); 
    sslCon.setKeyStorePass(KEYSTORE_PASS); 

    return GrizzlyHttpServerFactory.createHttpServer(URI.create(BASE_URI), rc, true,new SSLEngineConfigurator(sslCon).setClientMode(false).setNeedClientAuth(false)); 
}

密鑰存儲文件使用keytool生成

keytool -genkey -keystore ./keystore -alias serverKey -dname

當我嘗試打開URL我的瀏覽器告訴我

本地主機意外關閉了連接

謝謝您的幫助!

來源

2017-01-28 Ferdoran

回答

1

通過添加信任庫文件也解決了這個問題。

代碼看起來像現在這樣:這些命令創建

public class Main { 
public static final String BASE_URI = "https://localhost:8443/api/"; 
private static final String KEYSTORE_LOC = "./keystore_server"; 
private static final String KEYSTORE_PASS= "keystorePass"; 

private static final String TRUSTSTORE_LOC = "./truststore_server"; 
private static final String TRUSTSTORE_PASS = "truststorePass"; 

private static HttpServer startServer() { 

    final ResourceConfig rc = new ResourceConfig() 
      .register(MultiPartFeature.class) 
      .packages("com.restapi"); 


    SSLContextConfigurator sslCon = new SSLContextConfigurator(); 

    sslCon.setKeyStoreFile(KEYSTORE_LOC); 
    sslCon.setKeyStorePass(KEYSTORE_PASS); 

    sslCon.setTrustStoreFile(TRUSTSTORE_LOC); 
    sslCon.setTrustStorePass(TRUSTSTORE_PASS); 

    return GrizzlyHttpServerFactory.createHttpServer(URI.create(BASE_URI), rc, true,new SSLEngineConfigurator(sslCon).setClientMode(false).setNeedClientAuth(false)); 
}

密鑰 - 和信任庫文件:

keytool -genkey -keyalg RSA -keystore ./keystore_client -alias clientKey 
keytool -export -alias clientKey -rfc -keystore ./keystore_client > ./client.cert 
keytool -import -alias clientCert -file ./client.cert -keystore ./truststore_server 

keytool -genkey -keyalg RSA -keystore ./keystore_server -alias serverKey 
keytool -export -alias serverKey -rfc -keystore ./keystore_server > ./server.cert 
keytool -import -alias serverCert -file ./server.cert -keystore ./truststore_client

來源

2017-01-29 02:06:28 Ferdoran

+0

的作品就像一個魅力。謝謝 – besil

相關問題

 相關問題