如何为两个不同的域存储密钥库

huangapple go评论84阅读模式
英文:

How to store KeyStore for 2 different domains

问题

以下是代码部分的中文翻译:

我想要以编程方式为两个不同的域存储密钥库以下是用于加载域 A 密钥库的代码我想要为域 B 进行同样的操作这两个密钥库将在同一个应用程序中使用

public static SSLContext createSSLContext() throws Exception{
    KeyStore clientStore = createKeyStore();
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(clientStore, "password".toCharArray());
    KeyManager[] kms = kmf.getKeyManagers();
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(kms, null, new SecureRandom());

    return sslContext;
}

public static KeyStore createKeyStore() throws Exception{
    KeyStore clientStore = KeyStore.getInstance("PKCS12");
    try {
        clientStore.load(new ByteArrayInputStream("PKCS12 信息"), "password".toCharArray());
    } catch(Exception e){
        e.printStackTrace();
    }
    return clientStore;
}
英文:

I would like to store keystore for 2 different domains programatically. Below is the code to load keystore for domain A. I would like to do it for domain B. Both Keystore would be used in the same application.

public static SSLContext createSSLContext() throws Exception{
    KeyStore clientStore = createKeyStore();
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(clientStore, "password".toCharArray());
    KeyManager[] kms = kmf.getKeyManagers();
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(kms, null, new SecureRandom());

    return sslContext;
}
public static KeyStore createKeyStore() throws Exception{
    KeyStore clientStore = KeyStore.getInstance("PKCS12");
    try {
        clientStore.load(new ByteArrayInputStream("PKCS12 info"), "password".toCharArray());

    } catch(Exception e){
        e.printStackTrace();
    }
    return clientStore;
}

答案1

得分: 0

如dave-thompson-085所提到的,我缺少TrustStore密钥。以下帖子中的片段对我有帮助。
https://stackoverflow.com/questions/18889058/programmatically-import-ca-trust-cert-into-existing-keystore-file-without-using

英文:

As dave-thompson-085 mentioned, I was missing TrustStore keys. Snippet from following post was helpful.
https://stackoverflow.com/questions/18889058/programmatically-import-ca-trust-cert-into-existing-keystore-file-without-using

huangapple
  • 本文由 发表于 2020年10月22日 09:02:04
  • 转载请务必保留本文链接:https://go.coder-hub.com/64473774.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定