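java - No available client private key
Problem description
I am writing client code that must consume a web service requiring a client certificate for authentication.
Code: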
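    import java.io.File;
    import javax.net.ssl.SSLContext;
    import org.apache.http.HttpEntity;
    import org.apache.http.client.methods.CloseableHttpResponse;
    import org.apache.http.client.methods.HttpGet;
    import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
    import org.apache.http.impl.client.CloseableHttpClient;
    import org.apache.http.impl.client.HttpClients;
    import org.apache.http.ssl.PrivateKeyStrategy;
    import org.apache.http.ssl.SSLContexts;
    import org.apache.http.util.EntityUtils;

    String KEYSTOREPATH = "C:\\jks\\client.p12";
    String KEYPASS = "password";
    SSLContext sslContext = SSLContexts.custom()
            // Key material: the PrivateKeyStrategy always selects the alias "client"
            .loadKeyMaterial(
                    new File(KEYSTOREPATH),
                    KEYPASS.toCharArray(), KEYPASS.toCharArray(),
                    (PrivateKeyStrategy) (aliases, socket) -> "client")
            // Trust material: a TrustStrategy returning true accepts any server certificate chain
            .loadTrustMaterial(new File(KEYSTOREPATH), KEYPASS.toCharArray(), (chain, authType) -> true)
            .build();
    // Allow TLSv1.2 protocol only
    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
            sslContext,
            new String[] { "TLSv1.2" },
            null,
            SSLConnectionSocketFactory.getDefaultHostnameVerifier());
    CloseableHttpClient httpclient = HttpClients.custom()
            .setSSLSocketFactory(sslsf)
            .build();
    try {
        HttpGet httpget = new HttpGet("https://localhost:8443/test");
        System.out.println("Executing request " + httpget.getRequestLine());
        CloseableHttpResponse response = httpclient.execute(httpget);
        try {
            HttpEntity entity = response.getEntity();
            System.out.println("----------------------------------------");
            System.out.println(response.getStatusLine());
            EntityUtils.consume(entity);
        } finally {
            response.close();
        }
    } finally {
        httpclient.close();
    }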
Error:
javax.net.ssl|DEBUG|01|main|2019-06-29 19:29:33.244 IST|SunX509KeyManagerImpl.java:401|matching alias: 1
javax.net.ssl|WARNING|01|main|2019-06-29 19:29:33.245 IST|CertificateRequest.java:699|No available client private key
javax.net.ssl|DEBUG|01|main|2019-06-29 19:29:33.246 IST|ServerHelloDone.java:142|Consuming ServerHelloDone handshake message (
<empty>
)
javax.net.ssl|DEBUG|01|main|2019-06-29 19:29:33.246 IST|CertificateMessage.java:291|No X.509 certificate for client authentication, use empty Certificate message instead
javax.net.ssl|DEBUG|01|main|2019-06-29 19:29:33.247 IST|CertificateMessage.java:322|Produced client Certificate handshake message (
"Certificates": <empty list>
)
Command used to generate the p12 file
openssl pkcs12 -export -out client.p12 -inkey client.key.pem -in client.cert.pem
Why can't the client certificate be found in the client.p12 file? What am I missing here?
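The debug log above reports `matching alias: 1`, while the `PrivateKeyStrategy` in the question always returns `client`, so a useful first check is which aliases the PKCS#12 file actually contains. The following is an added example, not code from the original post; the class name `ClientKeyCheck` and its command-line arguments are assumptions, and the defaults are the path, password and alias taken from the question.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added diagnostic (hypothetical class name): lists a PKCS#12 file's entries and checks one alias.
public class ClientKeyCheck {

    // Prints one line per alias: entry type, key algorithm, chain length, subject, issuer.
    static void describe(KeyStore ks, char[] keyPass) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                System.out.println(alias + ": certificate-only entry (no private key)");
                continue;
            }
            Certificate[] chain = ks.getCertificateChain(alias);
            String algorithm = ks.getKey(alias, keyPass).getAlgorithm();
            if (chain == null || chain.length == 0) {
                System.out.println(alias + ": " + algorithm + " key without a certificate chain");
                continue;
            }
            X509Certificate leaf = (X509Certificate) chain[0];
            System.out.printf("%s: %s key, chain length %d, subject=%s, issuer=%s%n",
                    alias, algorithm, chain.length,
                    leaf.getSubjectX500Principal().getName(),
                    leaf.getIssuerX500Principal().getName());
        }
    }

    public static void main(String[] args) throws Exception {
        // Defaults are the values from the question; override on the command line.
        String path = args.length > 0 ? args[0] : "C:\\jks\\client.p12";
        char[] pass = (args.length > 1 ? args[1] : "password").toCharArray();
        String wanted = args.length > 2 ? args[2] : "client";
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass);
        }
        describe(ks, pass);
        // isKeyEntry is false for a missing alias as well as for a certificate-only one.
        if (!ks.isKeyEntry(wanted)) {
            System.err.println("No private-key entry under alias \"" + wanted + "\"");
            System.exit(1);
        }
        System.out.println("Alias \"" + wanted + "\" holds a private key.");
    }
}
```

When a PKCS#12 entry carries no friendly name, the JDK's PKCS12 keystore assigns it a numeric alias; `openssl pkcs12 -export` accepts `-name` to set one.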
Solution