我想在我的 Spring Boot 项目中使用 https 方法。我知道我需要使用 SSL。我想在 JAVA 中以编程方式配置 SSL 密钥库和信任库,而不是通过 application.properties。
之前我使用的是 spring 3.1.3,其中我使用 SslStoreProvider 来设置属性。但是,现在在 spring 3.2.3 中它已被弃用,并且从 spring 3.3.3 开始它被删除。在文档中,它显示您可以使用 sslbundle。
我想使用 sslbundle 以编程方式设置密钥库和信任库。不是通过使用 application.properties。
这是我旧的 SslStoreProvider 实现:
@Bean
public JettyServletWebServerFactory jettyConfigBean() {
JettyServletWebServerFactory jef = new JettyServletWebServerFactory();
System.out.println("JettyServletWebServerFactory");
System.out.println("Exec Prakrath code!");
jef.setSslStoreProvider(new SslStoreProvider() {
char[] password = "changeit".toCharArray();
@Override
public KeyStore getKeyStore() throws Exception {
System.out.println("downloadCerts and copyCerts initial load");
System.out.println("SslStoreProvider getKeyStore is called");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream("/Users/prakrath/personal/teluskojava/servletjetty/src/main/resources/keystore.jks"), password);
return keyStore;
}
@Override
public KeyStore getTrustStore() throws Exception {
System.out.println("SslStoreProvider getTrustStore is called");
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(new FileInputStream("/Users/prakrath/personal/teluskojava/servletjetty/src/main/resources/keystore.jks"), password);
return trustStore;
}
});
return jef;
}
这工作得很好,但我需要迁移到 sslbundle
这是我的 SSLBundles 实现
@Bean
public JettyServletWebServerFactory jettyConfigBean() {
JettyServletWebServerFactory jef = new JettyServletWebServerFactory();
System.out.println("JettyServletWebServerFactory");
System.out.println("Exec Prakrath code!");
jef.setSslStoreProvider(new SslStoreProvider() {
char[] password = "changeit".toCharArray();
@Override
public KeyStore getKeyStore() throws Exception {
System.out.println("downloadCerts and copyCerts initial load");
System.out.println("SslStoreProvider getKeyStore is called");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream("/Users/prakrath/personal/teluskojava/servletjetty/src/main/resources/keystore.jks"), password);
return keyStore;
}
@Override
public KeyStore getTrustStore() throws Exception {
System.out.println("SslStoreProvider getTrustStore is called");
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(new FileInputStream("/Users/prakrath/personal/teluskojava/servletjetty/src/main/resources/keystore.jks"), password);
return trustStore;
}
});
jef.setSslBundles(new SslBundles() {
@Override
public SslBundle getBundle(String name) throws NoSuchSslBundleException {
char[] password = "changeit".toCharArray();
System.out.println("Inside SSL BUNDLE prakrath code!");
return SslBundle.of(SslStoreBundle.of(
getKeyStore(password),
new String(password),
getTrustStore(password)
));
}
private KeyStore getKeyStore(char[] password) {
System.out.println("downloadCerts and copyCerts initial load");
System.out.println("SslStoreProvider getKeyStore is called");
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream("/Users/prakrath/personal/teluskojava/servletjetty/src/main/resources/keystore.jks"), password);
return keyStore;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
private KeyStore getTrustStore(char[] password) {
System.out.println("SslStoreProvider getTrustStore is called");
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(new FileInputStream("/Users/prakrath/personal/teluskojava/servletjetty/src/main/resources/keystore.jks"), password);
return trustStore;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
@Override
public void addBundleUpdateHandler(String name, Consumer<SslBundle> updateHandler) throws NoSuchSslBundleException {
}
});
return jef;
}
但这不起作用,我无法发送 https 请求。互联网上没有可用的代码来使用 sslbundles 或任何其他方式在 JAVA 代码中设置密钥库和信任库。
您可以轻松地以编程方式配置 Spring Boot 服务器 ssl 配置,请参阅此处以获取类似的答案:以编程方式使用自定义 SSLContext 配置 Spring Boot(针对 mTLS)