Restlet发送客户端证书
[英]Restlet sending client certificate
问题描述
I'm using restlet to create an HTTPS channel with both server and client certification. 
我正在使用restlet创建具有服务器和客户端认证的HTTPS通道。 I have no problem to certificate the server ( ie having the server exposing a certificate and trusting it from the client ) but I have no idea on how to send the client certificate. 我对服务器进行证书没有问题(即让服务器公开证书并从客户端信任它),但是我不知道如何发送客户端证书。 Here below the server important code: 下面是服务器的重要代码:
Server server = component.getServers().add(Protocol.HTTPS, config.getInt("server.port"));
Series<Parameter> parameters = server.getContext().getParameters();
parameters.add("keystorePath", config.getString("keystore.path"));
parameters.add("keystorePassword", config.getString("keystore.password"));
parameters.add("keyPassword", config.getString("key.password"));
parameters.add("keystoreType",config.getString("keystore.type"));
/* true */
parameters.add("needClientAuthentication", config.getString("need.client.authentication"));
and the client configuration is like this: 客户端配置如下:
if(config.getBoolean("truststore.use")){
Series<Parameter> parameters = client.getContext().getParameters();
parameters.add("truststorePath", config.getString("truststore.path"));
parameters.add("truststorePassword", config.getString("truststore.password"));
// parameters.add("trustPassword", "password");
parameters.add("truststoreType", config.getString("truststore.type"));
parameters.add("keystorePath", config.getString("keystore.path"));
parameters.add("keystorePassword", config.getString("keystore.password"));
parameters.add("keyPassword", config.getString("key.password"));
parameters.add("keystoreType",config.getString("keystore.type"));
}
until the needClientAuthentication is false all works ok. 直到needClientAuthentication为false为止,一切正常。 By setting needClientAuthentication to true it start to fail, and it is expected since I'm not sending the client certificate. 通过将needClientAuthentication设置为true,它将开始失败,并且由于我没有发送客户端证书,所以可以预期。 The exception rised has the followint message: 引发的异常具有followint消息:
Software caused connection abort: recv failed
but I have no idea and did not find any example on how to send a client certificate. 但我不知道,也没有找到有关如何发送客户端证书的示例。
I even added the keystore info on the client and relaxed the constraint on the server to wantClientAuthentication , but no certificates appear to come from the server. 我什至在客户端上添加了密钥库信息,并将服务器上的约束放宽到wantClientAuthentication ,但是似乎没有证书来自服务器。
1 个解决方案
解决方案1
0 已采纳 2014-09-08 09:50:15
I found the trouble. 我发现了麻烦。 Apparently server does not start to ask certificates to the client until a trust store is configured on the server too. 显然,直到服务器上也配置了信任存储后,服务器才开始向客户端请求证书。 By configuring the trust store the mutual certification happens correctly. 通过配置信任库,可以正确进行相互认证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.