On my application I need to access a bunch of REST webservices using Client Authentication. I'm using RestEasy's implementation of JAX-RS Client (which is actually using Apache HttpComponents under the hood).
First I try to load the KeyStore :
private static KeyStore keyStore;
static {
try {
String keyStoreProperty = System.getProperty("javax.net.ssl.keyStore");
String keyStorePasswordProperty = System.getProperty("javax.net.ssl.keyStorePassword");
if (keyStoreProperty != null && keyStorePasswordProperty != null) {
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream keyStoreData = new FileInputStream(keyStoreProperty)) {
keyStore.load(keyStoreData, keyStorePasswordProperty.toCharArray());
}
}
} catch (IOException | NoSuchAlgorithmException | CertificateException | KeyStoreException e) {
//logging
}
}
Next I use the previously loaded KeyStore to build the javax.ws.rs.client.Client :
Client client;
if (keyStore != null) {
client = ClientBuilder.newBuilder()
.keyStore(keyStore, System.getProperty("javax.net.ssl.keyStorePassword")).build();
} else {
//logging
}
However, this code doesn't seems to be the right way to do things.
I would like to know if it's possible to configure the keyStore on JBoss/WildFly and let it apply it on outbound connections, ideally based on URL patterns.
WildFly does not have that.
Regarding your code when configuring 2-way SSL you need also trustStore configured. To make client trust to server you are connecting. Or alternatively use ssl context instead of keyStore trustStore pair [1].
[1] https://docs.oracle.com/javaee/7/api/javax/ws/rs/client/ClientBuilder.html
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.