java - trustStore 的路径 - 设置属性不起作用?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2138574/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
java - path to trustStore - set property doesn't work?
提问by oneAday
I've setup a self-signed certificate to test an ssl java connection - however, it is refusing to locate the java trustStore. I've saved copies of it in /Java/jre6/lib/security in addition to the folder where the classes are compiled to (im using netbeans) and also to /java/jre6/bin none of the above appears to work, because when i run the following - trustStore = null.
我已经设置了一个自签名证书来测试 ssl java 连接 - 但是,它拒绝定位 java trustStore。我已经将它的副本保存在 /Java/jre6/lib/security 除了类被编译到的文件夹(我使用 netbeans)以及 /java/jre6/bin 以上似乎都不起作用,因为当我运行以下命令时 - trustStore = null。
public class ShowTrustStore {
public static void main(String[] args) {
System.setProperty("javax.net.ssl.keyStore", "keystore.jks");
System.setProperty("javax.net.ssl.trustStrore", "cacerts.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
String trustStore = System.getProperty("javax.net.ssl.trustStore");
if (trustStore == null) {
System.out.println("javax.net.ssl.trustStore is not defined");
} else {
System.out.println("javax.net.ssl.trustStore = " + trustStore);
}
}
}
how to set the path correctly?
如何正确设置路径?
**********UPDATE************ Using the getFile() method and some more debug data:
**********UPDATE************ 使用 getFile() 方法和更多调试数据:
package ssltest;
public class Main {
public static void main(String[] args) {
// System.setProperty("javax.net.ssl.keyStore", "/keystore.jks");
// System.setProperty("javax.net.ssl.trustStrore", "/java.home/cacerts.jks");
// System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
// System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
try {
Main.class.getResource("trustStore.jks").getFile();
} catch (Exception e) {
e.printStackTrace();
}
String trustStore = System.getProperty("javax.net.ssl.trustStore");
if (trustStore == null) {
String storeLoc;
storeLoc = System.getProperty("java.class.path");
System.out.println("classpath: " + storeLoc);
}
trustStore = System.getProperty("javax.net.ssl.trustStore");
if (trustStore == null) {
System.out.println("javax.net.ssl.trustStore is not defined");
} else {
System.out.println("javax.net.ssl.trustStore = " + trustStore);
}
}
}
run: java.lang.NullPointerException classpath: C:\Users\Main\Documents\NetBeansProjects\sslTest\build\classes;C:\Users\Main\Documents\NetBeansProjects\sslTest\src at ssltest.Main.main(Main.java:15) javax.net.ssl.trustStore is not defined BUILD SUCCESSFUL (total time: 0 seconds)
运行:java.lang.NullPointerException 类路径:C:\Users\Main\Documents\NetBeansProjects\sslTest\build\classes;C:\Users\Main\Documents\NetBeansProjects\sslTest\src at ssltest.Main.main(Main.java :15) 未定义 javax.net.ssl.trustStore 构建成功(总时间:0 秒)
采纳答案by Bozho
You have a typo - it is trustStore.
你有一个错字 - 它是trustStore。
Apart from setting the variables with System.setProperty(..), you can also use
除了使用 设置变量外System.setProperty(..),您还可以使用
-Djavax.net.ssl.keyStore=path/to/keystore.jks
回答by Don Isenor
Looks like you have a typo -- "trustStrore" should be "trustStore", i.e.
看起来你有一个错字——“trustStrore”应该是“trustStore”,即
System.setProperty("javax.net.ssl.trustStrore", "cacerts.jks");
should be:
应该:
System.setProperty("javax.net.ssl.trustStore", "cacerts.jks");
回答by Aniket Thakur
Both
两个都
-Djavax.net.ssl.trustStore=path/to/trustStore.jks
and
和
System.setProperty("javax.net.ssl.trustStore", "cacerts.jks");
do the same thing and have no difference working wise. In your case you just have a typo. You have misspelled trustStorein javax.net.ssl.trustStore.
做同样的事情,明智地工作没有区别。在你的情况下,你只是有一个错字。你拼错trustStore了javax.net.ssl.trustStore.
回答by J Medeiros
Alternatively, if using javax.net.ssl.trustStore for specifying the location of your truststore does not work ( as it did in my case for two way authentication ), you can also use SSLContextBuilder as shown in the example below. This example also includes how to create a httpclient as well to show how the SSL builder would work.
或者,如果使用 javax.net.ssl.trustStore 来指定您的信任库的位置不起作用(就像我在双向身份验证的情况下所做的那样),您也可以使用 SSLContextBuilder,如下例所示。此示例还包括如何创建 httpclient 以及展示 SSL 构建器如何工作。
SSLContextBuilder sslcontextbuilder = SSLContexts.custom();
sslcontextbuilder.loadTrustMaterial(
new File("C:\path to\truststore.jks"), //path to jks file
"password".toCharArray(), //enters in the truststore password for use
new TrustSelfSignedStrategy() //will trust own CA and all self-signed certs
);
SSLContext sslcontext = sslcontextbuilder.build(); //load trust store
SSLConnectionSocketFactory sslsockfac = new SSLConnectionSocketFactory(sslcontext,new String[] { "TLSv1" },null,SSLConnectionSocketFactory.getDefaultHostnameVerifier());
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsockfac).build(); //sets up a httpclient for use with ssl socket factory
try {
HttpGet httpget = new HttpGet("https://localhost:8443"); //I had a tomcat server running on localhost which required the client to have their trust cert
System.out.println("Executing request " + httpget.getRequestLine());
CloseableHttpResponse response = httpclient.execute(httpget);
try {
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
EntityUtils.consume(entity);
} finally {
response.close();
}
} finally {
httpclient.close();
}
