如何在jar中使用javax.net.ssl.keystore中的文件?
我正在尝试做类似的事情
URL clientks = com.messaging.SubscriptionManager.class.getResource( "client.ks" ); String path = clientks.toURI().getPath(); System.setProperty( "javax.net.ssl.keyStore", path); 其中client.ks是存储在我正在运行的jar文件中的com / messaging中的文件。
读取javax.net.ssl.keyStore的东西需要一个到jar中的client.ks文件的路径。 如果可能的话,我宁愿不提取文件并放入客户端的机器上。 那么可以在jar中引用文件吗?
这不起作用,因为getPath()返回null。 还有另一种方法吗?
仍然致力于实现,但我相信可以通过InputStream从jar加载keystore并以编程方式显式设置TrustStore(vs设置System属性)。 请参阅文章: 在同一JVM上设置多个信任库
搞定了!
InputStream keystoreInput = Thread.currentThread().getContextClassLoader() .getResourceAsStream(/client.ks"); InputStream truststoreInput = Thread.currentThread().getContextClassLoader() .getResourceAsStream( /client.ts"); setSSLFactories(keystoreInput, "password", truststoreInput); keystoreInput.close(); truststoreInput.close(); private static void setSSLFactories(InputStream keyStream, String keyStorePassword, InputStream trustStream) throws Exception { // Get keyStore KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); // if your store is password protected then declare it (it can be null however) char[] keyPassword = keyStorePassword.toCharArray(); // load the stream to your store keyStore.load(keyStream, keyPassword); // initialize a key manager factory with the key store KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFactory.init(keyStore, keyPassword); // get the key managers from the factory KeyManager[] keyManagers = keyFactory.getKeyManagers(); // Now get trustStore KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); // if your store is password protected then declare it (it can be null however) //char[] trustPassword = password.toCharArray(); // load the stream to your store trustStore.load(trustStream, null); // initialize a trust manager factory with the trusted store TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustFactory.init(trustStore); // get the trust managers from the factory TrustManager[] trustManagers = trustFactory.getTrustManagers(); // initialize an ssl context to use these managers and set as default SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(keyManagers, trustManagers, null); SSLContext.setDefault(sslContext); }
您可以将一个InputStream获取到jar文件中的资源,但不能获取File 。 如果最终读取密钥库的“事物”需要File或File路径,那么您唯一的选择就是将其提取到文件系统。
这是一个清理版本的user2529737的答案 ,以防万一。 它已删除不需要的信任存储设置并添加了所需的导入,密钥库类型的参数和密钥密码。
import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import java.io.BufferedReader; import java.io.InputStream; import java.io.InputStreamReader; import java.net.URL; import java.security.KeyStore; public class PlainJavaHTTPS2Test { public void setUp() throws Exception { final String KEYSTOREPATH = "clientkeystore.p12"; // or .jks // store password can be null if there is no password final char[] KEYSTOREPASS = "keystorepass".toCharArray(); // key password can be null if there is no password final char[] KEYPASS = "keypass".toCharArray(); try (InputStream storeStream = this.getClass().getResourceAsStream(KEYSTOREPATH)) { setSSLFactories(storeStream, "PKCS12", KEYSTOREPASS, KEYPASS); } } private static void setSSLFactories(InputStream keyStream, String keystoreType, char[] keyStorePassword, char[] keyPassword) throws Exception { KeyStore keyStore = KeyStore.getInstance(keystoreType); keyStore.load(keyStream, keyStorePassword); KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFactory.init(keyStore, keyPassword); KeyManager[] keyManagers = keyFactory.getKeyManagers(); SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(keyManagers, null, null); SSLContext.setDefault(sslContext); } }