Setting Grizzly's keystore to use a jks in a jar
I'm trying to use com.sun.grizzly.SSLConfig.setKeyStoreFile() to set SSL for Grizzly. It only takes a String as input (not InputStream or File). I want to use a jks file that is within a JAR file. If I pass a string for a jar path (eg C:\dir\my.jar!\resources\my.jks), it fails. Other than just unzipping the file from the JAR, how ca开发者_如何学Cn I use that JKS for grizzly.
It doesn't appear you can pass in anything other than a filename. If you view the source and look at the validateConfiguration() and createSSLContext() methods, you'll see that it is passing the keyStoreFile variable directly into the FileInputStream constructor.
Short term, you're probably stuck with unzipping and using the direct file name. Or you could override the two methods listed above to properly validate and initialize the SSLContext. Long term, I'd submit a patch.
@Kevin's idea worked! Using grizzly-servlet-webserver 1.9.8, here's my code:
SSLConfig ssl = new SSLConfig(){
@Override
public SSLContext createSSLContext() {
try{
//Load the keystore.
KeyStore keyStore=KeyStore.getInstance(KeyStore.getDefaultType());
InputStream keyStream=ClassLoader.getSystemResourceAsStream("my.jks");
//InputStream keyStream=new java.net.URL("jar:file:/C:/dir/my.jar!/my.jks").openStream();
keyStore.load(keyStream,"mypassword");
keyStream.close();
//Create the factory from the keystore.
String kmfAlgorithm=System.getProperty("ssl.KeyManagerFactory.algorithm",KeyManagerFactory.getDefaultAlgorithm());
KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance(kmfAlgorithm);
keyManagerFactory.init(keyStore,"mypassword");
//Create the SSLContext
SSLContext sslContext=SSLContext.getInstance("TLS");
sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
return sslContext;
}
//Wrap all Exceptions in a RuntimeException.
catch(Exception e){
throw new RuntimeException(e);
}
}
};
I took a few shortcuts (not logging Exceptions, using several string constants, etc), but you can get the idea.
加载中,请稍侯......
精彩评论