我想在
Java服务器应用程序中打开一个安全的侦听套接字.我知道建议的方法就是这样做:
SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
ServerSocket ss = ssf.createServerSocket(443);
但这需要在启动java时将服务器的证书传递给JVM.因为这会使部署中的某些事情对我来说更复杂,我宁愿在运行时加载证书.
所以我有一个密钥文件和密码,我想要一个服务器套接字.我如何到达那里?好吧,我阅读了文档,我能找到的唯一方法是:
// these are my parameters for SSL encryption
char[] keyPassword = "P@ssw0rd!".toCharArray();
FileInputStream keyFile = new FileInputStream("ssl.key");
// init keystore
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(keyFile, keyPassword);
// init KeyManagerFactory
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyPassword);
// init KeyManager
KeyManager keyManagers[] = keyManagerFactory.getKeyManagers();
// init the SSL context
SSLContext sslContext = SSLContext.getDefault();
sslContext.init(keyManagers, null, new SecureRandom());
// get the socket factory
SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
// and finally, get the socket
ServerSocket serverSocket = socketFactory.createServerSocket(443);
而且甚至没有任何错误处理.真的那么复杂吗?是不是有更容易的方法呢?