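How to store KeyStores for 2 different domains

Problem description

I want to programmatically store keystores for 2 different domains. Below is the code that loads the keystore for domain A. I want to load a keystore for domain B as well. Both keystores will be used in the same application.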

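import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public static SSLContext createSSLContext() throws Exception {
    KeyStore clientStore = createKeyStore();
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(clientStore, "password".toCharArray());
    KeyManager[] kms = kmf.getKeyManagers();
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    // null TrustManagers: the JVM's default trust store is used
    sslContext.init(kms, null, new SecureRandom());

    return sslContext;
}

public static KeyStore createKeyStore() throws Exception {
    KeyStore clientStore = KeyStore.getInstance("PKCS12");
    try {
        // "PKCS12 info" is the post's placeholder for the PKCS#12 keystore data
        clientStore.load(new ByteArrayInputStream("PKCS12 info".getBytes(StandardCharsets.ISO_8859_1)), "password".toCharArray());
    } catch (Exception e) {
        e.printStackTrace();
    }
    return clientStore;
}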

Solution

As dave-thompson-085 noted, I was missing the TrustStore key. The excerpt from the following post was helpful: Programmatically Import CA trust cert into existing keystore file without using keytool
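One way to combine the two points above, as an added example that is not code from the original post: each domain gets its own SSLContext built from its own PKCS12 client keystore plus an in-memory trust store holding that domain's CA certificate. The class name, the host names a.example and b.example, the environment variable names and the file arguments are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class PerDomainTls {
    private static final Map<String, SSLContext> CONTEXTS = new HashMap<>();

    static SSLContext build(byte[] pkcs12, char[] password, byte[] caCert) throws Exception {
        // Client identity: let a bad file or password throw instead of returning an unloaded store.
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new ByteArrayInputStream(pkcs12), password);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, password);
        // Trust store: empty in-memory store that receives only this domain's CA (PEM or DER).
        Certificate ca = CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(caCert));
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setCertificateEntry("ca", ca);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    static SSLContext contextFor(String host) {
        SSLContext ctx = CONTEXTS.get(host);
        if (ctx == null) throw new IllegalArgumentException("no TLS material registered for " + host);
        return ctx;
    }

    // Usage: java PerDomainTls a.p12 caA.pem b.p12 caB.pem (placeholder file names);
    // keystore passwords come from the assumed env vars KS_PASS_A and KS_PASS_B.
    public static void main(String[] a) throws Exception {
        CONTEXTS.put("a.example", build(Files.readAllBytes(Paths.get(a[0])),
                System.getenv("KS_PASS_A").toCharArray(), Files.readAllBytes(Paths.get(a[1]))));
        CONTEXTS.put("b.example", build(Files.readAllBytes(Paths.get(a[2])),
                System.getenv("KS_PASS_B").toCharArray(), Files.readAllBytes(Paths.get(a[3]))));
        System.out.println(contextFor("a.example").getProtocol() + " contexts for " + CONTEXTS.keySet());
    }
}
```

A connection to either host then takes its socket factory from `contextFor(host).getSocketFactory()`, so the client key and trust anchors of one domain are never offered to the other.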