gpt4 book ai didi

java | Apache Tomcat 9 |从内存中读取 keystore

转载 作者:行者123 更新时间:2023-12-04 22:38:41 27 4
gpt4 key购买 nike

Apache Tomcat 9 (Java) 中是否有一种方法可以从变量中读取用于 SSL 加密的 keystore ,这意味着无需将 keystore 保存到文件然后将文件路径指定为属性?
目前,我将 keystore 传递给 Apache,如下所示:

Connector connector = new Connector();
connector.setScheme("https");
connector.setProperty("keyAlias", "alias-test");
connector.setProperty("keystorePass", "testpwd");
connector.setProperty("keystoreType", "PKCS12");
connector.setProperty("keystoreFile", "keystore.pfx");

最佳答案

使用已配置的 KeyStore您需要使用适当的 setter 方法,从 Tomcat 8.5 开始,这些方法是:

  • SSLHostConfig#setTrustStore 对于受信任的证书,
  • SSLHostConfigCertificate#setCertificateKeyStore 用于包含服务器证书的 keystore 。

  • 总结起来是这样的:
           final KeyStore trustStore = ...
    final KeyStore keyStore = ...
    // Certificate
    final SSLHostConfigCertificate certificate = new SSLHostConfigCertificate();
    certificate.setCertificateKeystore(keyStore);
    certificate.setCertificateKeyAlias("mykey");
    certificate.setCertificateKeyPassword("secret");
    // Host SSL configuration
    final SSLHostConfig sslHostConfig = new SSLHostConfig();
    sslHostConfig.setTrustStore(trustStore);
    sslHostConfig.addCertificate(certificate);
    // Connector
    final Connector connector = new Connector();
    connector.setScheme("https");
    connector.setSecure(true);
    connector.addSslHostConfig(sslHostConfig);
    connector.setProperty("SSLEnabled", "true");

    关于 java | Apache Tomcat 9 |从内存中读取 keystore ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/67998822/

    27 4 0
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com