我正在尝试创建一个SSL套接字工厂,该工厂使用TSLv1.2协议执行握手。
到目前为止我所拥有的[更新1/18]:
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
KeyManager[] km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).getKeyManagers();
TrustManager[] tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).getTrustManagers();
SecureRandom random = new SecureRandom();
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
我希望从SSLServerSocketFactory.getDefault()中获取KeyManager、TrustManager和SecureDrandom对象,但没有getter
还有别的地方我可以把这个拿出来吗?还是更有效的方法?
我不想手动创建密钥和信任管理器,以避免系统特定配置的需要。
完整参考方法:
public MyOutBoundClientWSImpl(URL wsdlUrl){
super(wsdlUrl, serviceName);
this.wsUrl=wsdlUrl;
this.mService = this.getMySoapHttpPort();
Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
try {
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
KeyManager[] km = ??;
TrustManager[] tm = ??;
SecureRandom random = ??;
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
} catch (NoSuchAlgorithmException e) {
throw new IllegalArgumentException(e.getMessage(), e);
}
}
查看官方文档:
https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html
public final void init(KeyManager[] km,
TrustManager[] tm,
SecureRandom random)
throws KeyManagementException
初始化此上下文。前两个参数中的任一个可以是null,在这种情况下将搜索已安装的安全提供程序以实现适当工厂的最高优先级。同样,安全随机参数可以为空,在这种情况下将使用默认实现。
事实证明,这很容易做到,只需将所有null传递给init方法即可。
public MyOutBoundClientWSImpl(URL wsdlUrl){
super(wsdlUrl, serviceName);
this.wsUrl=wsdlUrl;
this.mService = this.getMySoapHttpPort();
Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
try {
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
KeyManager[] km = null;
TrustManager[] tm = null;
SecureRandom random = null;
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
} catch (NoSuchAlgorithmException e) {
throw new IllegalArgumentException(e.getMessage(), e);
}
}