java - Spring + maven + 自定义密钥库 = maven 构建错误
问题描述
我在构建包含密钥库和信任库的 springboot 项目时遇到问题。我有一个单独的密钥库和信任库,用于与我的 mongo 副本 (x509) 进行通信。为此,我务实地生成了 ssl 上下文并将其传递给 MongoClient,这样就可以了。这是我启动 MongoClient 的地方(目前在 Application 主类中:
@Value("${mongo.keyStore}")
private String keyStore;
@Value("${mongo.keyStorePassword}")
private String keyStorePassword;
@Value("${mongo.trustStore}")
private String trustStore;
@Value("${mongo.trustStorePassword}")
private String trustStorePassword;
@Value("${mongo.keyAlias}")
private String keyAlias;
@Value("${mongo.subject}")
private String subject;
@Bean
public SSLContext mongoSSLContext() throws GeneralSecurityException, IOException {
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream in = new FileInputStream(keyStore)) {
keystore.load(in, keyStorePassword.toCharArray());
}
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, keyStorePassword.toCharArray());
KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream in = new FileInputStream(trustStore)) {
ts.load(in, trustStorePassword.toCharArray());
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(ts);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return sslContext;
}
@Bean
public X509Certificate mongoClientCertificate() throws GeneralSecurityException, IOException {
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream in = new FileInputStream(keyStore)) {
keystore.load(in, keyStorePassword.toCharArray());
}
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, keyStorePassword.toCharArray());
X509KeyManager keyManager = (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
return keyManager.getCertificateChain(keyAlias)[0];
}
@Bean
public MongoClientSettingsBuilderCustomizer mongoSslCustomizer(SSLContext mongoSSLContext) {
return clientSettingsBuilder -> clientSettingsBuilder.applyToSslSettings(sslBuilder -> sslBuilder.context(mongoSSLContext));
}
这是我的配置:
mongo:
trustStore: ${PWD}/src/main/resources/keystore/ts.keystore
trustStorePassword: <password>
keyStore: ${PWD}/src/main/resources/keystore/ks.jks
keyStorePassword: <password>
keyAlias: <key-alias>
subject: <subject>
密钥库和信任库位于 src/main/resources 中。目前应用程序正确启动。但是当我发出 时mvn clean package
,我收到格式错误的输入错误,该错误来自密钥库和信任库文件。我试图从项目中删除它们并在安装时将它们放在其他地方,但它抱怨因为找不到文件。
我怀疑我没有正确执行此操作...有人可以帮忙吗?
谢谢!
解决方案
你能在你的 pom.xml 中试试这个吗?
<build>
<resources>
<resource>
<directory>${project.basedir}/src/main/resources</directory>
<filtering>true</filtering>
<excludes>
<exclude>**/*.keystore</exclude>
<exclude>**/*.jks</exclude>
</excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
<includes>
<include>**/*.keystore</include>
<include>**/*.jks</include>
</includes>
</resource>
</resources>
推荐阅读
- flutter - 如何解密通过 VideoPlayer.network() 加载的字节
- angular - Angular - 将评分值显示为星星
- sql - SQL:为组选择最大值
- python - 从另一个文件导入类在工作时会出错,而在不工作时不会出错
- c# - 使用 c# 将数据摄取到 kusto 数据库
- javascript - 如何让用户定义的方法在 for in 语句中不被识字
- php - 在数组内添加数组数组
- ts-jest - Playwright-test VS jest-playwright-preset 的优缺点是什么
- pyspark - 解决 Glue 数据框的选择不起作用
- performance - 在 Jelastic 上的 Wildfly 服务器上进行服务器负载测试时出现 503 错误