java - Overriding the default X509TrustManager in SpringBoot
Problem description
I am trying to use my DummyX509TrustManager with Springboot.
To do this, I wrote the following class:
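    import javax.annotation.PostConstruct;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.TrustManager;
    import org.springframework.context.annotation.Configuration;

    @Configuration
    public class DummyComponent {
        @PostConstruct
        public void sslContextConfiguration() {
            try {
                // Replace the JVM-wide default SSLContext with one that uses DummyTrustManager
                SSLContext sslContext = SSLContext.getInstance("TLS");
                sslContext.init(null, new TrustManager[] { new DummyTrustManager() }, null);
                SSLContext.setDefault(sslContext);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }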
It seems this has no effect on my code, because it uses the default X509TrustManagerImpl. Maybe I have to override it another way?
Solution:
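    import java.io.File;
    import java.io.IOException;
    import org.apache.catalina.connector.Connector;
    import org.apache.coyote.http11.Http11NioProtocol;
    import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.io.ClassPathResource;

    @Configuration
    public class MyConfig {
        // Connector settings; the original post does not show where these values come from
        private String keystorepath, truststorepath, keystorepassw, keystorealias, truststorepassw;
        private int port;

        @Bean
        public TomcatServletWebServerFactory containerFactory() {
            TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
            tomcat.addAdditionalTomcatConnectors(createSslConnector());
            return tomcat;
        }

        private Connector createSslConnector() {
            Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
            Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
            try {
                File keystore = new ClassPathResource(keystorepath).getFile();
                File truststore = new ClassPathResource(truststorepath).getFile();
                connector.setScheme("https");
                connector.setSecure(true);
                connector.setPort(port);
                protocol.setKeystoreFile(keystore.getAbsolutePath());
                protocol.setKeystorePass(keystorepassw);
                protocol.setKeyAlias(keystorealias);
                protocol.setSSLEnabled(true);
                protocol.setTruststoreFile(truststore.getAbsolutePath());
                protocol.setTruststorePass(truststorepassw);
                // Require a client certificate on this connector
                protocol.setClientAuth(Boolean.TRUE.toString());
                // Fully qualified name of the trust manager class Tomcat should instantiate
                protocol.setTrustManagerClassName("pakage.DummyTrustManager");
                return connector;
            } catch (IOException ex) {
                // Report the paths that could not be read
                throw new IllegalStateException("can't access keystore: [" + keystorepath
                        + "] or truststore: [" + truststorepath + "]", ex);
            }
        }
    }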
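An added example (not from the original question or answer): a trust manager that can be named in `setTrustManagerClassName` while still validating the client chain against a trust store, then applying a subject allow-list. The class name and the `example.*` system properties are assumptions; Tomcat's documentation requires such a class to implement `javax.net.ssl.X509TrustManager` and to have a zero-argument constructor, and notes that the connector's trust store attributes may be ignored once it is set.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Hypothetical class (not from the original post): PKIX validation plus a subject allow-list.
public class AllowListTrustManager implements X509TrustManager {
    private final X509TrustManager pkix;
    private final Set<String> allowedSubjects;
    // Zero-argument constructor; the example.* system property names are assumptions.
    public AllowListTrustManager() throws Exception {
        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        char[] pass = System.getProperty("example.truststore.password", "").toCharArray();
        try (InputStream in = Files.newInputStream(Paths.get(System.getProperty("example.truststore.path")))) {
            ts.load(in, pass);
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        pkix = Arrays.stream(tmf.getTrustManagers())
                .filter(X509TrustManager.class::isInstance).map(X509TrustManager.class::cast)
                .findFirst().orElseThrow(() -> new IllegalStateException("no X509TrustManager available"));
        // Semicolon-separated RFC 2253 subject names, e.g. "CN=client-a,O=Example" (constructed value).
        allowedSubjects = new HashSet<>(Arrays.asList(System.getProperty("example.allowed.subjects", "").split(";")));
        allowedSubjects.remove(""); // an unset property must not allow certificates with an empty subject
    }
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        pkix.checkClientTrusted(chain, authType); // chain must build to the trust store and be valid
        String subject = chain[0].getSubjectX500Principal().getName(); // RFC 2253 form
        if (!allowedSubjects.contains(subject)) {
            throw new CertificateException("client subject not on allow-list: " + subject);
        }
    }
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        pkix.checkServerTrusted(chain, authType);
    }
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return pkix.getAcceptedIssuers();
    }
}
```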