java SSL证书请求（需要处理器链 chain.pem和私钥privateKey.key）

最新推荐文章于 2023-04-07 17:18:41 发布

月夜流心

最新推荐文章于 2023-04-07 17:18:41 发布

阅读量766

点赞数

分类专栏： java openSSL 文章标签： spring boot restTemplate SSL请求JKS

本文链接：https://blog.csdn.net/qq_33883147/article/details/128285613

版权

java 同时被 2 个专栏收录

11 篇文章 0 订阅

订阅专栏

openSSL

1 篇文章 0 订阅

订阅专栏

首先安装openSSL环境，linux或者windows都可以

转换为JKS文件

openssl pkcs12 -export -inkey testPrivateKey.key -in test.chain.pem -name test -out test.p12

keytool -importkeystore -srckeystore test.p12 -srcstoretype pkcs12 -destkeystore test.jks

以上过程中需要输入一个或者多个密码，都用同一个，密码随便定义，下面要用
放入项目路径下resource/keystore/test.jks
不存在keystore文件夹手动建一下

java restTemplate 类

package com.xxl.job.executor.insight.config;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;

import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.web.client.RestTemplate;

/**
 *
 * @author Alfred Geng
 * @create 2022/11/28
 */
@Configuration
public class MySSLRestTemplate {
	
	private Logger log = LoggerFactory.getLogger(getClass());

//注入yml的密码，即上面生成文件时候输入的密码
	@Value("${ssl.password}")
	private String allPassword;
	
    @Bean()
    public RestTemplate restTemplate(ClientHttpRequestFactory httpComponentsClientHttpRequestFactory) {
        RestTemplate restTemplate = new RestTemplate(httpComponentsClientHttpRequestFactory);
        restTemplate.getMessageConverters().set(1, new StringHttpMessageConverter(StandardCharsets.UTF_8));
        log.info("loading restTemplate");
        return restTemplate;
    }

    @Bean("httpComponentsClientHttpRequestFactory")
    public ClientHttpRequestFactory httpComponentsClientHttpRequestFactory() throws IOException, UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
        SSLContext sslContext = SSLContextBuilder
                .create()
                .loadKeyMaterial(new ClassPathResource("keystore/test.jks").getURL(),//这里需要指定jks文件地址
                        allPassword.toCharArray(), allPassword.toCharArray())
//                .loadTrustMaterial(new ClassPathResource("clientTruststore.jks").getURL(), allPassword.toCharArray())
                .loadTrustMaterial(null, acceptingTrustStrategy)
                .build();
        HttpClient client = HttpClients.custom()
                .setSSLContext(sslContext)
                .build();
        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(client);
        return requestFactory;
    }
}