时间戳

首页 > 解决方案 > Spring + maven + 自定义密钥库 = maven 构建错误

java - Spring + maven + 自定义密钥库 = maven 构建错误

问题描述

我在构建包含密钥库和信任库的 springboot 项目时遇到问题。我有一个单独的密钥库和信任库,用于与我的 mongo 副本 (x509) 进行通信。为此,我务实地生成了 ssl 上下文并将其传递给 MongoClient,这样就可以了。这是我启动 MongoClient 的地方(目前在 Application 主类中:

    @Value("${mongo.keyStore}")
    private String keyStore;
    @Value("${mongo.keyStorePassword}")
    private String keyStorePassword;
    @Value("${mongo.trustStore}")
    private String trustStore;
    @Value("${mongo.trustStorePassword}")
    private String trustStorePassword;
    @Value("${mongo.keyAlias}")
    private String keyAlias;
    @Value("${mongo.subject}")
    private String subject;

    @Bean
    public SSLContext mongoSSLContext() throws GeneralSecurityException, IOException {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(keyStore)) {
            keystore.load(in, keyStorePassword.toCharArray());
        }
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keystore, keyStorePassword.toCharArray());

        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(trustStore)) {
            ts.load(in, trustStorePassword.toCharArray());
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(ts);

        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());

        return sslContext;
    }

    @Bean
    public X509Certificate mongoClientCertificate() throws GeneralSecurityException, IOException {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(keyStore)) {
            keystore.load(in, keyStorePassword.toCharArray());
        }
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keystore, keyStorePassword.toCharArray());
        X509KeyManager keyManager = (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
        return keyManager.getCertificateChain(keyAlias)[0];
    }

    @Bean
    public MongoClientSettingsBuilderCustomizer mongoSslCustomizer(SSLContext mongoSSLContext) {
        return clientSettingsBuilder -> clientSettingsBuilder.applyToSslSettings(sslBuilder -> sslBuilder.context(mongoSSLContext));
    }

这是我的配置:

mongo:
    trustStore: ${PWD}/src/main/resources/keystore/ts.keystore
    trustStorePassword: <password>
    keyStore: ${PWD}/src/main/resources/keystore/ks.jks
    keyStorePassword: <password>
    keyAlias: <key-alias>
    subject: <subject>

密钥库和信任库位于 src/main/resources 中。目前应用程序正确启动。但是当我发出 时mvn clean package,我收到格式错误的输入错误,该错误来自密钥库和信任库文件。我试图从项目中删除它们并在安装时将它们放在其他地方,但它抱怨因为找不到文件。

我怀疑我没有正确执行此操作...有人可以帮忙吗?

谢谢!

标签: javamaven

解决方案

你能在你的 pom.xml 中试试这个吗?

<build>
    <resources>
        <resource>
            <directory>${project.basedir}/src/main/resources</directory>
            <filtering>true</filtering>
            <excludes>
                <exclude>**/*.keystore</exclude>
                <exclude>**/*.jks</exclude>
            </excludes>
        </resource>
        <resource>
            <directory>src/main/resources</directory>
            <filtering>false</filtering>
            <includes>
                <include>**/*.keystore</include>
                <include>**/*.jks</include>
            </includes>
        </resource>

    </resources>

推荐阅读