带有客户端证书的嵌入式Jetty [英] Embedded Jetty with client certificates

问题描述

我想创建嵌入式https服务器，要求客户端提供证书，我使用的是：
http://www.smartjava.org/content/embedded-jetty-client-certificates

I want to create embedded https server that required the clients to present a certificate and I am using this: http://www.smartjava.org/content/embedded-jetty-client-certificates

现在我的问题这是我如何为我的代码提供密钥库和信任库文件，因为我的码头是emedded。
我的意思是代码中的这些行：

Now my question is that how can I provide keystore and truststore file for my code given that my jetty is emedded. I mean these lines in the code:

// the keystore (with one key) we'll use to make the connection with the
    // broker
    private final static String KEYSTORE_LOCATION = "src/main/resources/client_keystore.jks";
    private final static String KEYSTORE_PASS = "secret";

    // the truststore we use for our server. This keystore should contain all the keys
    // that are allowed to make a connection to the server
    private final static String TRUSTSTORE_LOCATION = "src/main/resources/truststore.jks";
    private final static String TRUSTSTORE_PASS = "secret";

谢谢

推荐答案

有很多关于Jetty嵌入式使用的例子 github.com/eclipse/jetty.project

There are numerous examples of Jetty embedded use on github.com/eclipse/jetty.project

示例： LikeJettyXml.java - Jetty 8，没有使用XML，设置SSL连接器。

Example: LikeJettyXml.java - Jetty 8, with no XML used, setting up an SSL connector.

    SslSelectChannelConnector ssl_connector = new SslSelectChannelConnector();
    ssl_connector.setPort(8443);
    SslContextFactory cf = ssl_connector.getSslContextFactory();
    cf.setKeyStorePath(jetty_home + "/etc/keystore");
    cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    cf.setTrustStore(jetty_home + "/etc/keystore");
    cf.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    cf.setExcludeCipherSuites(
            new String[] {
                "SSL_RSA_WITH_DES_CBC_SHA",
                "SSL_DHE_RSA_WITH_DES_CBC_SHA",
                "SSL_DHE_DSS_WITH_DES_CBC_SHA",
                "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
                "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
                "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
                "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
            });
    ssl_connector.setStatsOn(false);
    server.addConnector(ssl_connector);
    ssl_connector.open();

    SslSocketConnector ssl2_connector = new SslSocketConnector(cf);
    ssl2_connector.setPort(8444);
    ssl2_connector.setStatsOn(false);
    server.addConnector(ssl2_connector);
    ssl2_connector.open();

这篇关于带有客户端证书的嵌入式Jetty的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！