1、使用JDK自带的keytool生成一个keystore,这个keystore是服务端使用的
keytool -genkey -alias netty -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -keystore D:/test/netty.keystore -storepass 123456
2、新建一个安全工具类,用于返回一个SSLEngine
package com.hgsoft.gw.server.ssl; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import java.security.KeyStore; import java.security.Security; /** * @description: SSL服务器端认证 * @author: PanNaiZhao * @DATE: 2018-05-02 上午 9:36 * @projectName: gateway */ public class HttpSslContextFactory { private static final Logger LOGGER = LoggerFactory.getLogger(HttpSslContextFactory.class); // private static final String PROTOCOL = "SSLv2"; private static final String PROTOCOL = "SSLv3";//客户端可以指明为SSLv3或者TLSv1.2 /**针对于服务器端配置*/ private static SSLContext sslContext = null;