本文探讨如何在Java中建立SSL/TLS连接到使用自签名证书的服务器,强调证书在运行时加载,而非安装在系统的信任存储库中。作者提到已成功使用Node.js实现该功能,但寻找等效的Java代码遇到困难,倾向于不依赖外部库的内置Java解决方案。
Searching the internet has proved overly-complicated for this particular question. Perhaps you can point me in the right direction?
I have set up an SSL/TLS server (not HTTPS) with a self-signed certificate. I have successfully connected to it and tested using Node.JS
var sock = tls.connect({
host:'127.0.0.1',
port:443,
servername:'foobar',
ca: fs.readFileSync('foobar-cert.pem')
}, function () {
if(sock.authorized)
console.log('secure connection - yea!')
else
console.log('Not Secure because ' + sock.authorizationError)
})
But I can't seem to find equivalent sample code in Java.
How can I connect to a TLS server in Java, using a self-signed certificate file for server authentication? The self-signed certificate would be loaded at run-time, and not installed into the computer's shared CA file.
The best answer I have found so far requires an external library. This is my last resort, because I am sure that Java would have what I need built in and I wouldn't need an external library at all.
Edit: Thanks for your quick response on re-opening the question.
Edit: I see my question was closed as duplicate of telling java to accept self-signed ssl certificate. This is not correct as my question has extra requirements, which I stated above:
Suggestion: "the certificate...import it in your JVM truststore"
My requirement "self-signed certificate ... not installed into the computer's shared CA file"
Suggestion: "Disable Certificate Validation" (not recommended)
My requirement "self-signed certificate would be loaded at run-time" (and used for server validation)
Suggestion: "import that into your truststore using the keytool"
My requirement "self-signed certificate ... not installed into the computer's shared CA file"
扫一扫
1160
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
