When using a custom X509KeyManager Java is not able to determine a matching cipher suite for the SSL handshake

爱一瞬间的悲伤 2021-01-03 19:20

I'm working with Java7 and JAX-WS 2.2.

For a SOAP web service I need to create a custom X509KeyManager in order to find the correct certificate for eac

2 answers
  •  迷失自我
    2021-01-03 19:43

    It appears that you don't read the key file anywhere in the code snippet. This is the reason for SSL_NULL_WITH_NULL_NULL. I suggest you implement X509KeyManager and read the file in the constructor, so it can be used later to select the appropriate key. Something along these lines (not all required methods are shown, to keep the answer short):

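    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.GeneralSecurityException;
    import java.security.KeyStore;
    import java.security.PrivateKey;
    import java.security.cert.X509Certificate;
    import javax.net.ssl.X509KeyManager;

    public class CustomX509KeyManager implements X509KeyManager
    {
        private final KeyStore keyStore;
        private final String alias;
        private final char[] password;

        public CustomX509KeyManager(final String keyStoreFile, final char[] password, final String alias)
            throws IOException, GeneralSecurityException
        {
            this.alias = alias;
            this.password = password;
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            // try-with-resources closes the stream even if load() throws
            try (InputStream stream = new FileInputStream(keyStoreFile))
            {
                keyStore.load(stream, password);
            }
        }

        // Returns the private key stored under the alias, or null if it cannot be read.
        @Override
        public PrivateKey getPrivateKey(String alias)
        {
            try {
                return (PrivateKey) keyStore.getKey(alias, password);
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        // Returns the certificate chain for the alias as X509Certificate[], or null if there is none.
        @Override
        public X509Certificate[] getCertificateChain(String alias)
        {
            try {
                java.security.cert.Certificate[] certs = keyStore.getCertificateChain(alias);
                if (certs == null || certs.length == 0)
                    return null;
                X509Certificate[] x509 = new X509Certificate[certs.length];
                for (int i = 0; i < certs.length; i++)
                    x509[i] = (X509Certificate) certs[i];
                return x509;
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        // The remaining X509KeyManager methods (chooseClientAlias, chooseServerAlias,
        // getClientAliases, getServerAliases) are not shown here.
    }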
    

    and then use it like

    sslContext.init(new X509KeyManager[] { 
                        new CustomX509KeyManager(keyStoreFile, 
                            keyStorePass.toCharArray(), alias) }, null, null);
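
A complete variant of the key manager sketched in the answer above, as an added example that is not part of the original answer or the asker's code: it implements every `X509KeyManager` method by wrapping the JDK's own key manager and only pins the client alias. The class name `FixedAliasKeyManager` is hypothetical, and the code assumes the default `KeyManagerFactory` algorithm and a keystore whose entries all share one password.

```java
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;

// Added example; FixedAliasKeyManager is a hypothetical name, not from the page.
public class FixedAliasKeyManager implements X509KeyManager {
    private final X509KeyManager delegate;
    private final String alias;
    public FixedAliasKeyManager(KeyStore keyStore, char[] password, String alias)
            throws GeneralSecurityException {
        // Assumes the default algorithm (SunX509 on Oracle/OpenJDK), which uses keystore alias names.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, password);
        X509KeyManager found = null;
        for (KeyManager km : kmf.getKeyManagers()) {
            if (km instanceof X509KeyManager) { found = (X509KeyManager) km; break; }
        }
        // Fail at construction rather than mid-handshake when the alias cannot be used.
        if (found == null || found.getPrivateKey(alias) == null) {
            throw new GeneralSecurityException("no usable private key for alias: " + alias);
        }
        this.delegate = found;
        this.alias = alias;
    }

    // Offer the pinned alias only when its key algorithm is one the server requested.
    @Override public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
        String algorithm = delegate.getPrivateKey(alias).getAlgorithm();
        return keyTypes != null && Arrays.asList(keyTypes).contains(algorithm) ? alias : null;
    }
    @Override public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        return delegate.chooseServerAlias(keyType, issuers, socket);
    }
    @Override public String[] getClientAliases(String keyType, Principal[] issuers) {
        return delegate.getClientAliases(keyType, issuers);
    }
    @Override public String[] getServerAliases(String keyType, Principal[] issuers) {
        return delegate.getServerAliases(keyType, issuers);
    }
    @Override public X509Certificate[] getCertificateChain(String a) { return delegate.getCertificateChain(a); }
    @Override public PrivateKey getPrivateKey(String a) { return delegate.getPrivateKey(a); }
}
```

Pass an instance to `sslContext.init` in place of the custom manager shown above; the constructor throws if the alias has no private key entry, which surfaces a missing or mistyped alias before any handshake is attempted.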
    
