使用java代码向密钥库添加证书

8ehkhllq  于 2021-07-12  发布在  Java
关注(0)|答案(3)|浏览(493)

我正在尝试使用服务器的.cer证书文件建立https连接。我可以使用浏览器手动获取证书文件,并使用keytool将其放入密钥库。然后,我可以使用java代码访问密钥库,获取添加到密钥库的证书并连接到服务器。
不过,我现在甚至想实现获取证书文件并使用java代码将其添加到密钥库的过程,而不需要使用keytool或browser来获取证书。
有人能告诉我怎么做吗?我需要做什么?

0mkxixxg

0mkxixxg1#

编辑:这似乎正是你想要的。
使用以下代码可以在运行时添加信任存储。

import java.io.InputStream;
import java.security.KeyStore;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

public class SSLClasspathTrustStoreLoader {
    public static void setTrustStore(String trustStore, String password) throws Exception {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream keystoreStream = SSLClasspathTrustStoreLoader.class.getResourceAsStream(trustStore);
        keystore.load(keystoreStream, password.toCharArray());
        trustManagerFactory.init(keystore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustManagers, null);
        SSLContext.setDefault(sc);
    }
}

我使用此代码与ActiveDirectory服务器建立了安全的ldap连接。
这也可能是有用的,在底部有一个类,它能够在运行时导入证书。

ymdaylpp

ymdaylpp2#

为此,我编写了小型库ssl utils android。
您只需从assets目录提供文件名即可加载任何证书。
用法:

OkHttpClient client = new OkHttpClient();
SSLContext sslContext = SslUtils.getSslContextForCertificateFile(context, "BPClass2RootCA-sha2.cer");
client.setSslSocketFactory(sslContext.getSocketFactory());
qnzebej0

qnzebej03#

就在后面
https://docs.oracle.com/cd/e19509-01/820-3503/ggfgo/index.htmlhttps://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html

javac -cp .:/home/ec2-user/velu/*: QuickStart.java
java -cp .:/home/ec2-user/velu/*:  QuickStart

[ec2-user@ip-10-30-0-66 velu]$ ls
QuickStart.class  commons-codec-1.2.jar       input-payload.txt          logback-core-1.1.3.jar
QuickStart.java   commons-httpclient-3.1.jar  httpclient-4.5.jar  jdk-8u101-linux-x64.rpm    slf4j-api-1.7.12.jar
certificates      commons-logging-1.2.jar     httpcore-4.4.1.jar  logback-classic-1.1.3.jar

import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.apache.commons.httpclient.params.HttpClientParams;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;

public class QuickStart {

        public static void main(String[] args) throws Exception {
                System.setProperty("javax.net.ssl.keyStore", "/home/user/velu/certificates/myownOut.pkcs12");
                System.setProperty("javax.net.ssl.keyStorePassword", "password");

                System.setProperty("javax.net.ssl.trustStore", "/home/user/velu/certificates/myTrustStore");
                System.setProperty("javax.net.ssl.trustStorePassword", "password");

System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog");
System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true");
System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire", "debug");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "debug");

                CloseableHttpClient httpclient = HttpClients.createDefault();

                HttpClientParams params = new HttpClientParams();
                params.setConnectionManagerClass(MultiThreadedHttpConnectionManager.class);
                HttpClient client = new HttpClient(params);

                HttpMethod m = new PostMethod("https://velu.org:443/Services/com/Echo");

                m.setRequestHeader("content-type", "application/xml");
                //m.setRequestHeader("Accept", "application/xml");
//              m.setRequestHeader("SOAPAction", "Echo");
                try {

                        ((PostMethod) m).setRequestEntity(new StringRequestEntity(getFileContent(), "application/xml", "UTF-8"));
                        System.out.println("VELU EXCUTING");
                        client.executeMethod(m);
                        if (m.getStatusCode() == 200) {
                                System.out.println("VELU RECEIVED:" + m.getResponseBodyAsString());
                        }
                } catch (IOException e) {
                        System.out.println(e.toString());
                } finally {
                        m.releaseConnection();
                }

        }

        public static String getFileContent() {

                BufferedReader br = null;
                String fileContent = "";
                try {

                        br = new BufferedReader(new FileReader(
                                        "/home/user/velu/input-payload.txt")); // Note that this file format should be proper.
                        String sCurrentLine = "";
                        while ((sCurrentLine = br.readLine()) != null) {
                                fileContent += sCurrentLine;
                        }
                        System.out.println(fileContent);

                } catch (IOException e) {
                        e.printStackTrace();
                } finally {
                        try {
                                if (br != null)
                                        br.close();
                        } catch (IOException ex) {
                                ex.printStackTrace();
                        }
                }
                return fileContent;
        }

相关问题