默认SSL上下文初始化失败：空

Question

创建SSL服务器时，我得到以下异常：Default SSL context init failed: null。它似乎来自它找不到密钥库和信任库的事实。我尝试从jar文件中设置它们。该文件存在于jar中，但似乎无法找到该资源。

String keystore = TestFramework.class.getResource("/security/keystore.jks").getFile(); 
System.setProperty("javax.net.ssl.keyStore", keystore); 
System.setProperty("javax.net.ssl.keyStorePassword", password); 
String truststore = TestFramework.class.getResource("/security/truststore").getFile(); 
System.setProperty("javax.net.ssl.trustStore", truststore); 
System.setProperty("javax.net.ssl.trustStorePassword", "ebxmlrr"); 

我运行了一个ls命令来检查文件是否存在。它存在。然后通过运行命令jar -tf myjar.jar | grep security来检查keystore.jks是否存在，它是否存在。

security/ 
security/keystore.jks 
security/truststore 

我的应用程序在Tomcat下运行。

Answer 1

不起作用的原因是这些系统属性期望在实际文件系统上存在文件，而不是在存档中。你会更好使用这些密钥库和trustore流创建自己的SSLContext：

KeyStore keyStore = KeyStore.getInstance("jks"); 
keyStore.load(TestFramework.class.getResourceAsStream("/security/keystore.jks"), password.toCharArray()); 
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509"); 
keyManagerFactory.init(keyStore, password.toCharArray()); 

KeyStore trustStore = KeyStore.getInstance("jks"); 
trustStore.load(TestFramework.class.getResourceAsStream("/security/truststore"), "ebxmlrr".toCharArray()); 
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509"); 
trustManagerFactory.init(trustStore); 

SSLContext context = SSLContext.getInstance("SSL"); 
context.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom()); 

... 

HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); 
urlConnection.setSSLSocketFactory(context.getSocketFactory());