问题描述
我有一个使用Java Soap客户端(我使用spring-ws)的服务(在JBoss内部以7方式部署了spring boot war),该服务需要使用双向身份验证来调用api网关公开的第三方Web服务器。我可以通过直接使用jks文件初始化ssl上下文来发出请求,如下所示:
SSLContext sslcontext = getSSLContext();
SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(sslcontext,new HostnameVerifier() {
@Override
public boolean verify(String hostname,SSLSession session) {
return true;
}
});
HttpClientBuilder httpClientBuilder = HttpClients.custom();
... }
private SSLContext getSSLContext() throws KeyStoreException,NoSuchAlgorithmException,IOException,KeyManagementException,java.security.cert.CertificateException,UnrecoverableKeyException {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(keyStore.getInputStream(),keyStorePassword.tochararray());
logger.debug("Loaded keystore: " + keyStore.getURI().toString());
try {
keyStore.getInputStream().close();
} catch (IOException e) {
}
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(ks,keyStorePassword.tochararray());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(trustStore.getInputStream(),trustStorePassword.tochararray());
logger.debug("Loaded trustStore: " + trustStore.getURI().toString());
try {
trustStore.getInputStream().close();
} catch (IOException e) {
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(ts);
SSLContextBuilder sslContextBuilder = SSLContexts.custom();
try {
sslContextBuilder = SSLContexts.custom().loadKeyMaterial(ks,keyStorePassword.tochararray());
} catch (UnrecoverableKeyException e) {
e.printstacktrace();
}
sslContextBuilder.loadTrustMaterial(ts,new TrustAllStrategy());
return sslContextBuilder.build();
}
但是我想使用jboss配置中定义的ssl上下文
<tls>
<key-stores>
<key-store name="MyKeyStore">
<credential-reference clear-text="MyPass"/>
<implementation type="JKS"/>
<file path="/home/jboss/mycertstore.jks"/>
</key-store>
</key-stores>
<key-managers>
<key-manager name="myKM" algorithm="PKIX" key-store="myKeyStore">
<credential-reference store="credstore" alias="mycred_alias"/>
</key-manager>
</key-managers>
<trust-managers>
<trust-manager name="myTM" key-store="myKeyStore"/>
</trust-managers>
<client-ssl-contexts>
<client-ssl-context name="mySSLName" protocols="TLSv1.2" key-manager="myKM" trust-manager="myTM"/>
</client-ssl-contexts>
</tls>
是否可以在客户端内部将SSLContext“ mySSLName”用作javax.net.ssl.SSLContext?
希望我的问题很清楚。
谢谢!
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)