堆栈内存溢出
  简体   繁体   English

设置Grizzly的密钥库以在罐子中使用jks

[英]Setting Grizzly's keystore to use a jks in a jar

 原文  2010-01-20 20:01:27       java/ ssl/ jar/ jks/ grizzly

问题描述

I'm trying to use com.sun.grizzly.SSLConfig.setKeyStoreFile() to set SSL for Grizzly. 我正在尝试使用com.sun.grizzly.SSLConfig.setKeyStoreFile()为Grizzly设置SSL。 It only takes a String as input (not InputStream or File). 它仅将String作为输入(而不是InputStream或File)。 I want to use a jks file that is within a JAR file. 我想使用JAR文件中的jks文件。 If I pass a string for a jar path (eg C:\\dir\\my.jar!\\resources\\my.jks), it fails. 如果我为jar路径传递字符串(例如C:\\ dir \\ my.jar!\\ resources \\ my.jks),它将失败。 Other than just unzipping the file from the JAR, how can I use that JKS for grizzly. 除了只是从JAR解压缩文件外,我如何才能使用该JKS进行灰熊操作。

2 个解决方案

解决方案1
 3 已采纳  2010-01-20 21:39:47

It doesn't appear you can pass in anything other than a filename. 除文件名外,您似乎无法传入任何其他内容。 If you view the source and look at the validateConfiguration() and createSSLContext() methods, you'll see that it is passing the keyStoreFile variable directly into the FileInputStream constructor. 如果查看源代码并查看validateConfiguration()createSSLContext()方法,您会看到它正在将keyStoreFile变量直接传递到FileInputStream构造函数中。

Short term, you're probably stuck with unzipping and using the direct file name. 短期来看,您可能会陷入解压缩和使用直接文件名的困境。 Or you could override the two methods listed above to properly validate and initialize the SSLContext. 或者,您可以重写上面列出的两个方法以正确地验证和初始化SSLContext。 Long term, I'd submit a patch. 长期来看,我会提交一个补丁。

解决方案2
 2  2010-01-22 15:54:40

@Kevin's idea worked! @Kevin的想法成功了! Using grizzly-servlet-webserver 1.9.8, here's my code: 使用grizzly-servlet-webserver 1.9.8,这是我的代码: 


SSLConfig ssl = new SSLConfig(){
 @Override
 public SSLContext createSSLContext() { 
  try{
   //Load the keystore.
   KeyStore keyStore=KeyStore.getInstance(KeyStore.getDefaultType());
   InputStream keyStream=ClassLoader.getSystemResourceAsStream("my.jks");
   //InputStream keyStream=new java.net.URL("jar:file:/C:/dir/my.jar!/my.jks").openStream();
   keyStore.load(keyStream,"mypassword");
   keyStream.close();

   //Create the factory from the keystore.
   String kmfAlgorithm=System.getProperty("ssl.KeyManagerFactory.algorithm",KeyManagerFactory.getDefaultAlgorithm());
   KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance(kmfAlgorithm);
   keyManagerFactory.init(keyStore,"mypassword");

   //Create the SSLContext
   SSLContext sslContext=SSLContext.getInstance("TLS");
   sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
   return sslContext;
  }

  //Wrap all Exceptions in a RuntimeException.
  catch(Exception e){
   throw new RuntimeException(e);
  }
 }
};

I took a few shortcuts (not logging Exceptions, using several string constants, etc), but you can get the idea. 我采取了一些捷径(不记录异常,不使用几个字符串常量,等等),但是您可以理解。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 密钥库未从jar中加载JKS文件 - Keystore not loading JKS file from within jar 使用JKS密钥库进行Ganymed SSH的公钥认证 - Use JKS keystore for public key authentication with Ganymed SSH 如何使用 keystore.jks 对 SOAP 消息进行签名和加密 - How to use keystore.jks to sign and encrypt a SOAP message KDB 到 JKS 密钥库的转换 - KDB to JKS keystore conversion .jks密钥库的目的是什么? - What is the purpose of a .jks keystore? JKS 到 BKS 密钥库 - JKS to BKS keystore 使用.jar中的grizzly的StaticHttpHandler提供静态内容 - Serving static content with grizzly's StaticHttpHandler from within a .jar Grizzly和Jersey独立罐子 - Grizzly and Jersey standalone jar Java KeyStore jks 作为证书颁发机构 - Java KeyStore jks as certificate authority 找不到类路径中的 JKS 密钥库文件 - JKS keystore file in the classpath not found
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM