如何配置Simple Framework以要求SSL客户端身份验证?(How can I configure Simple Framework to require SSL client authentication?)
我正在使用Simple Framework编写HTTP服务器,并希望客户端提供由我的证书颁发机构签名的有效证书以建立连接。
我写了以下的简单服务器。 如何修改此代码以要求对所有SSL连接进行客户端证书身份验证?
public static void main(String[] args) throws Exception { Container container = createContainer(); Server server = new ContainerServer(container); Connection connection = new SocketConnection(server); SocketAddress address = new InetSocketAddress(8443); KeyManagerFactory km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore serverKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream keystoreFile = new FileInputStream(SERVER_KEYSTORE_PATH)) { serverKeystore.load(keystoreFile, "asdfgh".toCharArray()); } km.init(serverKeystore, SERVER_KS_PASSWORD.toCharArray()); TrustManagerFactory tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore caKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream caCertFile = new FileInputStream(CA_CERT_PATH)) { caKeystore.load(caCertFile, CA_KS_PASSWORD.toCharArray()); } tm.init(caKeystore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(km.getKeyManagers(), tm.getTrustManagers(), null); connection.connect(address, sslContext); }I am writing an HTTP server using the Simple Framework and would like to require clients to present a valid certificate signed by my certificate authority in order to establish a connection.
I have the following bare-bones server written. How can I modify this code to require client certificate authentication for all SSL connections?
public static void main(String[] args) throws Exception { Container container = createContainer(); Server server = new ContainerServer(container); Connection connection = new SocketConnection(server); SocketAddress address = new InetSocketAddress(8443); KeyManagerFactory km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore serverKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream keystoreFile = new FileInputStream(SERVER_KEYSTORE_PATH)) { serverKeystore.load(keystoreFile, "asdfgh".toCharArray()); } km.init(serverKeystore, SERVER_KS_PASSWORD.toCharArray()); TrustManagerFactory tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore caKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream caCertFile = new FileInputStream(CA_CERT_PATH)) { caKeystore.load(caCertFile, CA_KS_PASSWORD.toCharArray()); } tm.init(caKeystore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(km.getKeyManagers(), tm.getTrustManagers(), null); connection.connect(address, sslContext); }最满意答案
尝试这个
public class MyServer implements org.simpleframework.transport.Server { private Server delegateServer; public MyServer(Server delegateServer){ this.delegateServer = delegateServer; } public void process(Socket socket){ socket.getEngine().setNeedClientAuth(true); delegateServer.process(socket); } }Try this
public class MyServer implements org.simpleframework.transport.Server { private Server delegateServer; public MyServer(Server delegateServer){ this.delegateServer = delegateServer; } public void process(Socket socket){ socket.getEngine().setNeedClientAuth(true); delegateServer.process(socket); } }更多推荐
发布评论