[5]AMQP(高级消息队列协议) ----如何创建自己的SSLContext对象
2016-07-03 00:28
417 查看
在[4]AMQP(高级消息队列协议) ----改造QPID JMS-0.9 API 对 SSLContext的
支持(http://blog.csdn.net/chancein007/article/category/6294435)的一文中,提到了如何让QPID JMS 0.9 Java对自定义的SSLContext的支持,那么该如何测试呢?其实测试的核心就是如何创建SSLContext对象。
假设我们的KeyStore和TrustStore的相关证书都保存在了相应的JKS文件里面
String truststore_File_Path="D:/QpidSSL/clientts.jks";
String truststore_password="123456";
String keystore_File_Path="D:/QpidSSL/clientks.jks";
String keystore_Password="123456";
System.setProperty("javax.net.ssl.keyStore",keystore_File_Path);
System.setProperty("javax.net.ssl.keyStorePassword",keystore_Password);
System.setProperty("javax.net.ssl.trustStore",truststore_File_Path);
System.setProperty("javax.net.ssl.trustStorePassword",truststore_password);
那么该如何创建SSLContext的对象呢?
#1 首先大家来看一下客户端API的调用
String truststore_File_Path="D:/QpidSSL/clientts.jks";
String truststore_password="123456";
String keystore_File_Path="D:/QpidSSL/clientks.jks";
String keystore_Password="123456";
String aliasPassword="123456";
SSLFactory sslFactory=new SSLFactory(keystore_File_Path,keystore_Password,truststore_File_Path,truststore_password,aliasPassword);
try {
SSLContext sslContext=sslFactory.buildSSLContext();
CustomTransportSupport.mapSSLContext.put("amqps://stevenGu:5674", sslContext);
} catch (UnrecoverableKeyException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyStoreException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (CertificateException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (FileNotFoundException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
#2 SSLFactory的代码如下
package com.test.amqp.ssl.sslcontext;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
public class SSLFactory {
private String keystorePath;
private String keystorePassword;
private String trustStorePath;
private String trustStorePassword;
private String aliasPassword;
public SSLFactory(String keystorePath,String keystorePassword,String trustStorePath,String trustStorePassword,String aliasPassword){
this.keystorePath=keystorePath;
this.keystorePassword=keystorePassword;
this.trustStorePath=trustStorePath;
this.trustStorePassword=trustStorePassword;
this.aliasPassword=aliasPassword;
}
private SSLContext getSSLContext() throws NoSuchAlgorithmException {
SSLContext c = null;
// pick the first protocol available, preferring TLSv1.2, then TLSv1,
// falling back to SSLv3 if running on an ancient/crippled JDK
for(String proto : Arrays.asList("TLSv1.2", "TLSv1", "SSLv3")) {
try {
c = SSLContext.getInstance(proto);
return c;
} catch (NoSuchAlgorithmException x) {
// keep trying
}
}
throw new NoSuchAlgorithmException();
}
public SSLContext buildSSLContext() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException,
IOException, UnrecoverableKeyException, KeyManagementException{
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystorePath), keystorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, aliasPassword.toCharArray());
KeyStore tks = KeyStore.getInstance("JKS");
tks.load(new FileInputStream(trustStorePath), trustStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(tks);
SSLContext c = getSSLContext();
c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return c;
}
}
是不是瞬间感觉高大上了,原来我们自己也能获得SSLContext的对象了。
支持(http://blog.csdn.net/chancein007/article/category/6294435)的一文中,提到了如何让QPID JMS 0.9 Java对自定义的SSLContext的支持,那么该如何测试呢?其实测试的核心就是如何创建SSLContext对象。
假设我们的KeyStore和TrustStore的相关证书都保存在了相应的JKS文件里面
String truststore_File_Path="D:/QpidSSL/clientts.jks";
String truststore_password="123456";
String keystore_File_Path="D:/QpidSSL/clientks.jks";
String keystore_Password="123456";
System.setProperty("javax.net.ssl.keyStore",keystore_File_Path);
System.setProperty("javax.net.ssl.keyStorePassword",keystore_Password);
System.setProperty("javax.net.ssl.trustStore",truststore_File_Path);
System.setProperty("javax.net.ssl.trustStorePassword",truststore_password);
那么该如何创建SSLContext的对象呢?
#1 首先大家来看一下客户端API的调用
String truststore_File_Path="D:/QpidSSL/clientts.jks";
String truststore_password="123456";
String keystore_File_Path="D:/QpidSSL/clientks.jks";
String keystore_Password="123456";
String aliasPassword="123456";
SSLFactory sslFactory=new SSLFactory(keystore_File_Path,keystore_Password,truststore_File_Path,truststore_password,aliasPassword);
try {
SSLContext sslContext=sslFactory.buildSSLContext();
CustomTransportSupport.mapSSLContext.put("amqps://stevenGu:5674", sslContext);
} catch (UnrecoverableKeyException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyStoreException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (CertificateException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (FileNotFoundException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
#2 SSLFactory的代码如下
package com.test.amqp.ssl.sslcontext;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
public class SSLFactory {
private String keystorePath;
private String keystorePassword;
private String trustStorePath;
private String trustStorePassword;
private String aliasPassword;
public SSLFactory(String keystorePath,String keystorePassword,String trustStorePath,String trustStorePassword,String aliasPassword){
this.keystorePath=keystorePath;
this.keystorePassword=keystorePassword;
this.trustStorePath=trustStorePath;
this.trustStorePassword=trustStorePassword;
this.aliasPassword=aliasPassword;
}
private SSLContext getSSLContext() throws NoSuchAlgorithmException {
SSLContext c = null;
// pick the first protocol available, preferring TLSv1.2, then TLSv1,
// falling back to SSLv3 if running on an ancient/crippled JDK
for(String proto : Arrays.asList("TLSv1.2", "TLSv1", "SSLv3")) {
try {
c = SSLContext.getInstance(proto);
return c;
} catch (NoSuchAlgorithmException x) {
// keep trying
}
}
throw new NoSuchAlgorithmException();
}
public SSLContext buildSSLContext() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException,
IOException, UnrecoverableKeyException, KeyManagementException{
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystorePath), keystorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, aliasPassword.toCharArray());
KeyStore tks = KeyStore.getInstance("JKS");
tks.load(new FileInputStream(trustStorePath), trustStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(tks);
SSLContext c = getSSLContext();
c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return c;
}
}
是不是瞬间感觉高大上了,原来我们自己也能获得SSLContext的对象了。
相关文章推荐
- 访问Nginx发生SSL connection error的一种情况
- MySQL复制解决方案(Replication Solutions)
- Apache SSL服务器配置SSL详解
- 配置apache默认使用ssl的方法
- World Wide Web Publishing 服务尝试删除 IIS 所有的 SSL 配置数据失败的几种方法
- Apache、SSL、MySQL和PHP平滑无缝地安装
- mysql通过ssl的方式生成秘钥具体生成步骤
- windows服务器中检测PHP SSL是否开启以及开启SSL的方法
- python简单实现基于SSL的IRC bot实例
- Tomcat ssl报错Connector attribute SSLCertificateFile must be defined when using SSL with APR解决方法
- PHP实现支持SSL连接的SMTP邮件发送类
- 在Apache服务器上安装SSL支持的教程
- MySQL基于SSL协议进行主从复制的详细操作教程
- 提高NodeJS中SSL服务的性能
- PHP下SSL加密解密、验证、签名方法(很简单)
- LNMP系列教程之 SSL安装WordPress博客(程序下载与安装)
- IIS7下配置SSL的方法分析