如何以編程方式創建私鑰並在SSL套接字中使用它?服務器存貨的關鍵代碼
我把一個註釋的異常下面,我試圖將密鑰添加到密鑰存儲區,但我沒有證書鏈。
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(1024, new SecureRandom());
KeyPair keypair = keyGen.generateKeyPair();
System.setProperty("javax.net.ssl.keyStore", System.getProperty("user.home")
+ File.separator +
+ "/keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "xyz");
KeyManagerFactory keyManagerFactory = KeyManagerFactory
.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(null, "xyz".toCharArray());
//setKeyEntry parameter 3 can not be null:
//IllegalArgumentException: Private key must be accompanied by certificate chain
keyStore.setKeyEntry("alias", keypair.getPrivate(),
"xyz".toCharArray(), null);
keyManagerFactory.init(keyStore, "xyz".toCharArray());
// keyStore.load
SSLContext context = SSLContext.getInstance("TLS");// "SSLv3"
context.init(keyManagerFactory.getKeyManagers(), null,
new SecureRandom());
ServerSocketFactory socketFactory = context.getServerSocketFactory();
ServerSocket ssocket = socketFactory.createServerSocket(1443);
Socket socket = ssocket.accept();
問題是什麼? – 2012-07-25 20:15:48
我幾乎把它(keyStore.setKeyEntry( 「別名」,keypair.getPrivate(), \t \t \t \t 「XYZ」 .toCharArray(),NULL)),但是,最後一個參數是必需的證書鏈,但我不沒有證書鏈。 ...我不想額外的JAR,但我可能必須包含bouncycastle才能做到這一點:http://blog.thilinamb.com/2010/01/how-to-generate-self-signed.html – jcalfee314 2012-07-25 20:53:50
HI Alen,問題是:如何以編程方式創建私鑰並將其用於SSL套接字? – jcalfee314 2012-07-25 20:57:33