[英]How application server is reading custom trust store without password
I have created custom truststore using keytool and provided password while creating it. 我已经使用keytool创建了自定义信任库,并在创建密码时提供了密码。 I configured Jboss EAP to use the trust store using the following options:
我使用以下选项将Jboss EAP配置为使用信任存储:
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/path/to/truststore.jks"
JAVA_OPTS =“ $ JAVA_OPTS -Djavax.net.ssl.trustStore = / path / to / truststore.jks”
I didn't provide any truststore password in jboss configuration. 我没有在jboss配置中提供任何信任库密码。
My question is how jboss is able to read the trust store without password ? 我的问题是jboss如何能够在没有密码的情况下读取信任库? I am seeing that the outbound ssl connections from servers are working fine after configuring the trust store.
我看到配置信任存储后,来自服务器的出站ssl连接工作正常。
The password is not really needed to read the truststore entries of a JKS. 读取JKS的信任库条目实际上并不需要密码。 The file is not encrypted and only the private keys are encrypted with their own password.
该文件未加密,只有私钥使用其自己的密码加密。 See JKS protection See also this example code to change JKS password without know the orginal
请参见JKS保护。另请参见此 示例代码,以在不知道原始密码的情况下更改JKS密码。
It seems that the cryptographic provider used by your Jboss deployment is omitting the password to read the entries 您的Jboss部署所使用的加密提供程序似乎省略了密码以读取条目
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.