使用java代码将证书添加到密钥库

我正在尝试使用服务器的.cer证书文件建立https连接。 我可以使用浏览器手动获取证书文件,并使用keytool将其放入密钥库。 然后,我可以使用java代码访问密钥库,获取我添加到密钥库的证书并连接到服务器。

我现在希望用java代码自动完成整个过程:获取证书文件并将其添加到我的密钥库,而不借助keytool或浏览器来获取证书。

有人可以告诉我如何处理这个以及我需要做什么?

编辑: 这似乎完全符合你的要求。

使用以下代码可以在运行时添加信任库。注意:该代码会调用 SSLContext.setDefault,替换整个 JVM 的默认 SSLContext,因此之后使用默认上下文的连接只会信任该信任库中的证书。

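import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/**
 * Installs a truststore found on the classpath as the only trust source of the JVM-wide default
 * {@link SSLContext}.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@link SSLContext#setDefault(SSLContext)} affects every component in the process that
 *       relies on the default context. After the call, only the entries of the supplied
 *       truststore act as trust anchors for those connections.</li>
 *   <li>Every entry in the truststore is trusted unconditionally, so a certificate should be
 *       verified (for example by comparing its fingerprint over a separate channel) before it
 *       is imported, and the truststore resource should be protected against modification.</li>
 *   <li>The password passed to {@link KeyStore#load} is only used to check the integrity of the
 *       store; it is not a substitute for protecting the file itself.</li>
 * </ul>
 */
public class SSLClasspathTrustStoreLoader {

    /**
     * Loads the truststore from the classpath and makes it the trust source of the default
     * {@link SSLContext}.
     *
     * @param trustStore classpath resource name of the truststore, resolved with
     *                   {@link Class#getResourceAsStream(String)} relative to this class
     * @param password   password used to check the integrity of the truststore
     * @throws IllegalArgumentException if the resource cannot be found on the classpath
     * @throws Exception if the store cannot be read or the SSL context cannot be initialised
     */
    public static void setTrustStore(String trustStore, String password) throws Exception {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());

        // try-with-resources closes the stream even when loading fails.
        try (InputStream keystoreStream =
                SSLClasspathTrustStoreLoader.class.getResourceAsStream(trustStore)) {
            // KeyStore.load(null, ...) would silently create an EMPTY store and the default
            // context would then trust nothing; fail early with a clear message instead.
            if (keystoreStream == null) {
                throw new IllegalArgumentException(
                        "Truststore resource not found on classpath: " + trustStore);
            }
            keystore.load(keystoreStream, password.toCharArray());
        }

        // Use the platform's default trust manager algorithm rather than a hard-coded name.
        TrustManagerFactory trustManagerFactory =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keystore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();

        // Request the standard "TLS" context; enabled protocol versions stay under the control
        // of the JDK's security configuration.
        SSLContext sc = SSLContext.getInstance("TLS");
        // No key managers (no client certificate) and the default SecureRandom.
        sc.init(null, trustManagers, null);
        SSLContext.setDefault(sc);
    }
}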

我使用此代码与活动目录服务器建立安全的LDAP连接。

这也可能是有用的,在底部有一个类,它可以在运行时导入证书。

我写了一个小型库 ssl-utils-android 来实现这一点。

您可以通过从assets目录中提供文件名来加载任何证书。

用法:

 // Build an SSLContext from the certificate file that ships in the app's assets directory.
 // NOTE(review): presumably the resulting context trusts only that certificate — confirm
 // against the SslUtils implementation before relying on it.
 SSLContext certContext =
         SslUtils.getSslContextForCertificateFile(context, "BPClass2RootCA-sha2.cer");

 // Hand the context's socket factory to the client so its HTTPS connections use it.
 OkHttpClient client = new OkHttpClient();
 client.setSslSocketFactory(certContext.getSocketFactory());

我只是按照以下链接中的步骤操作:

https://docs.oracle.com/cd/E19509-01/820-3503/ggfgo/index.html https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html

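 // Build and run commands, followed by the working-directory listing, as posted with this example:
 //   javac -cp .:/home/ec2-user/velu/*: QuickStart.java
 //   java -cp .:/home/ec2-user/velu/*: QuickStart
 //   [ec2-user@ip-10-30-0-66 velu]$ ls
 //   QuickStart.class commons-codec-1.2.jar input-payload.txt logback-core-1.1.3.jar QuickStart.java commons-httpclient-3.1.jar httpclient-4.5.jar jdk-8u101-linux-x64.rpm slf4j-api-1.7.12.jar certificates commons-logging-1.2.jar httpcore-4.4.1.jar logback-classic-1.1.3.jar

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.apache.commons.httpclient.params.HttpClientParams;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;

/**
 * Posts an XML payload read from disk to an HTTPS endpoint using Commons HttpClient 3.x, with the
 * key store and trust store supplied through the standard {@code javax.net.ssl.*} system
 * properties.
 *
 * <p>NOTE(review): Commons HttpClient 3.1 is end-of-life. Confirm that it verifies the server
 * host name against the certificate in your setup, or move the request to the HttpClient 4.5 API
 * whose jar is already listed on the classpath above.
 */
public class QuickStart {

    /**
     * Configures the JSSE stores and HttpClient logging, then sends the payload and prints the
     * response body when the server answers with status 200.
     *
     * @param args unused
     * @throws Exception if client set-up fails; I/O errors during the request are printed
     */
    public static void main(String[] args) throws Exception {
        // Key store and trust store for the JSSE default context.
        // NOTE(review): the store passwords below are hard-coded sample values. Real passwords
        // should not live in source; supply them at launch (for example with -D options or a
        // protected configuration file) and restrict read access to the store files.
        System.setProperty("javax.net.ssl.keyStore", "/home/user/velu/certificates/myownOut.pkcs12");
        System.setProperty("javax.net.ssl.keyStorePassword", "password");
        System.setProperty("javax.net.ssl.trustStore", "/home/user/velu/certificates/myTrustStore");
        System.setProperty("javax.net.ssl.trustStorePassword", "password");

        // Commons Logging configuration for HttpClient.
        // NOTE(review): wire-level debug logging records request and response data, which may
        // include sensitive payloads; keep it for troubleshooting only.
        System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog");
        System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true");
        System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire", "debug");
        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "debug");

        HttpClientParams params = new HttpClientParams();
        params.setConnectionManagerClass(MultiThreadedHttpConnectionManager.class);
        HttpClient client = new HttpClient(params);

        // Declared as PostMethod so the request entity can be set without a cast.
        PostMethod post = new PostMethod("https://velu.org:443/Services/com/Echo");
        post.setRequestHeader("content-type", "application/xml");
        //post.setRequestHeader("Accept", "application/xml");
        // post.setRequestHeader("SOAPAction", "Echo");
        try {
            post.setRequestEntity(new StringRequestEntity(getFileContent(), "application/xml", "UTF-8"));
            System.out.println("VELU EXCUTING");
            client.executeMethod(post);
            if (post.getStatusCode() == 200) {
                System.out.println("VELU RECEIVED:" + post.getResponseBodyAsString());
            }
        } catch (IOException e) {
            System.out.println(e.toString());
        } finally {
            // Always hand the connection back to the connection manager.
            post.releaseConnection();
        }
    }

    /**
     * Reads the request payload from {@code /home/user/velu/input-payload.txt}, joining its lines
     * without line separators, and echoes it to standard output.
     *
     * <p>The file is decoded as UTF-8 instead of the platform default charset, on the assumption
     * that it matches the "UTF-8" charset declared for the request entity.
     *
     * @return the concatenated file content; whatever was read so far (possibly the empty
     *         string) if an I/O error occurs, in which case the stack trace is printed
     */
    public static String getFileContent() {
        StringBuilder fileContent = new StringBuilder();
        // Note that this file format should be proper.
        // try-with-resources closes the reader on every path.
        try (BufferedReader br = new BufferedReader(new InputStreamReader(
                new FileInputStream("/home/user/velu/input-payload.txt"), StandardCharsets.UTF_8))) {
            String sCurrentLine;
            while ((sCurrentLine = br.readLine()) != null) {
                fileContent.append(sCurrentLine);
            }
            System.out.println(fileContent);
        } catch (IOException e) {
            e.printStackTrace();
        }
        return fileContent.toString();
    }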