我需要能够使用 scala 和 dispatch 发送一个证书文件(.pem,我认为)。
你是怎样做的?
最佳答案
基于@sbridges 示例中的 Java 代码,我使用 dispatch 提出了以下 Scala 代码。它创建一个自定义 SSL 上下文,其中包含您提供的证书(并且只有那些证书;验证远程主机时,此代码不使用受信任的根证书的默认存储)。
class SslAuthenticatingHttp(certData: SslCertificateData) extends Http {
override val client = new AsyncHttpClient(
(new AsyncHttpClientConfig.Builder).setSSLContext(buildSslContext(certData)).build
)
private def buildSslContext(certData: SslCertificateData): SSLContext = {
import certData._
val clientCertStore = loadKeyStore(clientCertificateData, clientCertificatePassword)
val rootCertStore = loadKeyStore(rootCertificateData, rootCertificatePassword)
val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")
keyManagerFactory.init(clientCertStore, clientCertificatePassword.toCharArray)
val keyManagers = keyManagerFactory.getKeyManagers()
val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
trustManagerFactory.init(rootCertStore)
val trustManagers = trustManagerFactory.getTrustManagers()
val context = SSLContext.getInstance("TLS")
context.init(keyManagers, trustManagers, null)
context
}
private def loadKeyStore(keyStoreData: Array[Byte], password: String): KeyStore = {
val store = KeyStore.getInstance(KeyStore.getDefaultType)
store.load(new ByteArrayInputStream(keyStoreData), password.toCharArray)
store
}
}
case class SslCertificateData (
clientCertificateData: Array[Byte],
clientCertificatePassword: String,
rootCertificateData: Array[Byte],
rootCertificatePassword: String)
这将用于:
val certificateData = SslCertificateData(/* bytes from .jks file for client cert here */, "secret!",
/* bytes from .jks file for root cert here */, "also secret!")
val http = new SslAuthenticatingHttp(certificateData)
val page = http(req OK as.String)
println(page())
请注意,这会将证书数据保存在内存中,这不是最安全的方法,并且会不必要地消耗内存。在许多情况下,在 SslCertificateData 案例类中存储 InputStream 或文件名可能更合适。
关于scala - 使用 Scala Dispatch 发送证书文件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12306623/