[5] AMQP (Advanced Message Queuing Protocol): How to create your own SSLContext object


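The article "[4] AMQP (Advanced Message Queuing Protocol): Modifying the QPID JMS-0.9 API to support SSLContext" (http://blog.csdn.net/chancein007/article/category/6294435) described how to make the QPID JMS 0.9 Java client support a custom SSLContext. So how do we test it? The core of the test is how to create the SSLContext object.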

Assume the certificates for our KeyStore and TrustStore are stored in the corresponding JKS files:

String truststore_File_Path="D:/QpidSSL/clientts.jks";  
String truststore_password="123456";  
String keystore_File_Path="D:/QpidSSL/clientks.jks";  
String keystore_Password="123456";  
System.setProperty("javax.net.ssl.keyStore",keystore_File_Path);   
System.setProperty("javax.net.ssl.keyStorePassword",keystore_Password);   
System.setProperty("javax.net.ssl.trustStore",truststore_File_Path);   
System.setProperty("javax.net.ssl.trustStorePassword",truststore_password);  

So how do we create the SSLContext object?

#1 First, let's look at the client-side API call

		String truststore_File_Path="D:/QpidSSL/clientts.jks";
		String truststore_password="123456";
		String keystore_File_Path="D:/QpidSSL/clientks.jks";
		String keystore_Password="123456";
		String  aliasPassword="123456";
		SSLFactory sslFactory=new SSLFactory(keystore_File_Path,keystore_Password,truststore_File_Path,truststore_password,aliasPassword);
		try {
			SSLContext sslContext=sslFactory.buildSSLContext();
			CustomTransportSupport.mapSSLContext.put("amqps://stevenGu:5674", sslContext);
		} catch (UnrecoverableKeyException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (KeyManagementException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (KeyStoreException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (NoSuchAlgorithmException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (CertificateException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (FileNotFoundException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (IOException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		}

#2 The SSLFactory code is as follows

package com.test.amqp.ssl.sslcontext;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class SSLFactory {
	private String keystorePath;
	private String keystorePassword;
	private String trustStorePath;
	private String trustStorePassword;
	private String aliasPassword;
	public SSLFactory(String keystorePath,String keystorePassword,String trustStorePath,String trustStorePassword,String aliasPassword){
		this.keystorePath=keystorePath;
		this.keystorePassword=keystorePassword;
		this.trustStorePath=trustStorePath;
		this.trustStorePassword=trustStorePassword;
		this.aliasPassword=aliasPassword;
	}
	private SSLContext getSSLContext() throws NoSuchAlgorithmException {
		// pick the first protocol available, preferring TLSv1.2, then TLSv1.
		// SSLv3 is not offered: it is prohibited by RFC 7568.
		for(String proto : Arrays.asList("TLSv1.2", "TLSv1")) {
			try {
				return SSLContext.getInstance(proto);
			} catch (NoSuchAlgorithmException x) {
				// keep trying
			}
		}
		throw new NoSuchAlgorithmException("no supported TLS protocol available");
	}
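	public SSLContext buildSSLContext() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, 
	IOException, UnrecoverableKeyException, KeyManagementException{

		// key store: holds the client certificate and its private key
		KeyStore ks = KeyStore.getInstance("JKS");
		// try-with-resources closes the stream even if load() throws
		try (FileInputStream in = new FileInputStream(keystorePath)) {
			ks.load(in, keystorePassword.toCharArray());
		}
		KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
		// aliasPassword protects the private key entry inside the key store
		kmf.init(ks, aliasPassword.toCharArray());

		// trust store: holds the certificates this client trusts
		KeyStore tks = KeyStore.getInstance("JKS");
		try (FileInputStream in = new FileInputStream(trustStorePath)) {
			tks.load(in, trustStorePassword.toCharArray());
		}
		TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
		tmf.init(tks);

		SSLContext c = getSSLContext();
		// null SecureRandom: the provider's default is used
		c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

		return c;
	}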
}
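
The protocol name that getSSLContext() passes to SSLContext.getInstance sets the highest version the context supports; older versions can still be enabled on connections made from it, depending on the JDK's jdk.tls.disabledAlgorithms setting. The following is an added example, not code from the original post or from Qpid: it lists which enabled protocols fall outside an allow-list and builds a client SSLEngine restricted to that list. The class name ProtocolCheck, the ALLOWED list and the init(null, null, null) stand-in for buildSSLContext() are assumptions of the example; how the Qpid transport creates its engine from the mapped context is not shown on this page.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;

public class ProtocolCheck {
    // Protocol versions this example treats as acceptable (an assumption).
    static final List<String> ALLOWED = Arrays.asList("TLSv1.3", "TLSv1.2");

    /** Returns the protocols enabled by default on ctx that are not in ALLOWED. */
    static List<String> weakProtocols(SSLContext ctx) {
        List<String> weak = new ArrayList<>();
        for (String p : ctx.getDefaultSSLParameters().getProtocols()) {
            if (!ALLOWED.contains(p)) weak.add(p);
        }
        return weak;
    }

    /** Creates a client-mode engine whose enabled protocols are limited to ALLOWED. */
    static SSLEngine restrictedClientEngine(SSLContext ctx, String host, int port) {
        List<String> keep = new ArrayList<>(ALLOWED);
        // keep only the allowed versions this context can actually speak
        keep.retainAll(Arrays.asList(ctx.getSupportedSSLParameters().getProtocols()));
        if (keep.isEmpty()) {
            throw new IllegalStateException("no acceptable TLS version supported");
        }
        SSLEngine engine = ctx.createSSLEngine(host, port);
        engine.setUseClientMode(true);
        SSLParameters params = engine.getSSLParameters();
        params.setProtocols(keep.toArray(new String[0]));
        engine.setSSLParameters(params);
        return engine;
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for sslFactory.buildSSLContext(): JDK default key and trust material.
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null);
        System.out.println("enabled by default: "
                + Arrays.toString(ctx.getDefaultSSLParameters().getProtocols()));
        System.out.println("outside allow-list: " + weakProtocols(ctx));
        SSLEngine engine = restrictedClientEngine(ctx, "stevenGu", 5674);
        System.out.println("engine protocols:   "
                + Arrays.toString(engine.getEnabledProtocols()));
    }
}
```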

Doesn't that suddenly feel rather sophisticated? It turns out we can obtain an SSLContext object ourselves.

