时间戳

首页 > 解决方案 > 在 SpringBoot 中覆盖默认的 X509TrustManager

java - 在 SpringBoot 中覆盖默认的 X509TrustManager

问题描述

我正在尝试将我的 DummyX509TrustManager 与 Springboot 一起使用。

为此,我编写了以下类:

@Configuration
public class DummyComponent {

@PostConstruct
public void sslContextConfiguration() {
    try {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] { new DummyTrustManager() }, null);
        SSLContext.setDefault(sslContext);
    } catch (Exception e) {
        e.printStackTrace();
    }
}

似乎这对我的代码没有任何影响,因为它使用了默认的 X509TrustManagerImpl。也许我必须以另一种方式覆盖它?

解决方案:

@Configuration
public class MyConfig {

    @Bean
    public TomcatServletWebServerFactory containerFactory() {
        TomcatServletWebServerFactory  tomcat = new TomcatServletWebServerFactory ();
        tomcat.addAdditionalTomcatConnectors(createSslConnector());
        return tomcat;
    }

    private Connector createSslConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
        try {
            File keystore = new ClassPathResource(keystorepath).getFile();
            File truststore = new ClassPathResource(truststorepath).getFile();
            connector.setScheme("https");
            connector.setSecure(true);
            connector.setPort(port);

            protocol.setKeystoreFile(keystore.getAbsolutePath());
            protocol.setKeystorePass(keystorepassw);
            protocol.setKeyAlias(keystorealias);
            protocol.setSSLEnabled(true);

            protocol.setTruststoreFile(truststore.getAbsolutePath());
            protocol.setTruststorePass(truststorepassw);
            protocol.setClientAuth(Boolean.TRUE.toString());

            protocol.setTrustManagerClassName("pakage.DummyTrustManager");

            return connector;
        } catch (IOException ex) {
            throw new IllegalStateException("can't access keystore: [" + "keystore"
                + "] or truststore: [" + "keystore" + "]", ex);
        }
    }
}

标签: javaspring-bootx509trustmanager

解决方案

推荐阅读