对于服务器:
SSLContext ssl = SSLContext.getInstance("TLS");KeyManagerFactory keyFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm());KeyStore store = KeyStore.getInstance("JKS");store.load(new FileInputStream(keystoreFile),keyPass.toCharArray());keyFactory.init(store, keyPass.toCharArray());TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());trustFactory.init(store);ssl.init(keyFactory.getKeyManagers(),trustFactory.getTrustManagers(), new SecureRandom());HttpsConfigurator configurator = new HttpsConfigurator(ssl);HttpsServer httpsServer = HttpsServer.create(new InetSocketAddress(hostname, port), port);httpsServer.setHttpsConfigurator(configurator);HttpContext httpContext = httpsServer.createContext(uri);httpsServer.start();endpoint.publish(httpContext);对于客户,请确保您执行以下操作:
System.setProperty("javax.net.ssl.trustStore", "path");System.setProperty("javax.net.ssl.keyStore", "password");System.setProperty("javax.net.ssl.keyStorePassword", "password");System.setProperty("javax.net.ssl.keyStoreType", "JKS");//done to prevent CN verification in client keystoreHttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; }});
