我正在尝试创建一个使用 TSLv1.2 协议(protocol)执行握手的 SSL 套接字工厂。
我到目前为止[更新 1/18]:
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
KeyManager[] km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).getKeyManagers();
TrustManager[] tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).getTrustManagers();
SecureRandom random = new SecureRandom();
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
我希望从 SSLServerSocketFactory.getDefault()
中获取 KeyManager、TrustManager 和 SecureRandom 对象,但没有相应的 getter。
我可以从另一个地方提取这个吗?或者更有效的方法?
我不想手动创建 key 和信任管理器以避免系统特定配置的需要。
完整方法供引用:
public MyOutBoundClientWSImpl(URL wsdlUrl){
super(wsdlUrl, serviceName);
this.wsUrl=wsdlUrl;
this.mService = this.getMySoapHttpPort();
Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
try {
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
KeyManager[] km = ??;
TrustManager[] tm = ??;
SecureRandom random = ??;
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
} catch (NoSuchAlgorithmException e) {
throw new IllegalArgumentException(e.getMessage(), e);
}
}
最佳答案
查看官方文档:
https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html
public final void init(KeyManager[] km,
TrustManager[] tm,
SecureRandom random)
throws KeyManagementException
Initializes this context. Either of the first two parameters may be null in which case the installed security providers will be searched for the highest priority implementation of the appropriate factory. Likewise, the secure random parameter may be null in which case the default implementation will be used.
事实证明这很容易做到,您只需将所有空值传递给 init 方法即可。
public MyOutBoundClientWSImpl(URL wsdlUrl){
super(wsdlUrl, serviceName);
this.wsUrl=wsdlUrl;
this.mService = this.getMySoapHttpPort();
Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
try {
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
KeyManager[] km = null;
TrustManager[] tm = null;
SecureRandom random = null;
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
} catch (NoSuchAlgorithmException e) {
throw new IllegalArgumentException(e.getMessage(), e);
}
}
关于java - 如何检索 SSL 客户端正在使用的 KeyManager、TrustManager 和 SecureRandom 对象?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34680544/