KeyStore.load()之后BufferedInputStream不起作用

时间:2014-07-24 07:31:58

标签: java security classloader bufferedinputstream

我的JavaWS应用程序将在实习网络中运行,因此它使用公司自己的证书进行签名,SSL证书也来自公司的根CA.因此,由于计算机数量巨大,因此不太可能手动导入每个comupter上的证书。所以我使用一个应该自动导入证书的类来扩展我的应用程序,这可以从控制台和IDE中运行,但如果应用程序是由java web start执行的话则不行:(

代码

        cf = CertificateFactory.getInstance("X.509");

        signCertIn = ClassLoader.class.getResourceAsStream((pack + signCertName + ".cer"));
        sslCertIn = ClassLoader.class.getResourceAsStream((pack + sslCertName) + ".crt");

        File file = new File(new File(System.getProperty("java.home") + SEP + "lib" + SEP + "security"), "cacerts");
        javaCertIn = new FileInputStream(file);

        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(javaCertIn, passphrase);

        javaCertIn.close();

        if (!keystore.containsAlias(signCertName)) {
            bis = new BufferedInputStream(signCertIn); // <<<<<<< Exception thrown here
            while (bis.available() > 0) {
                Certificate cert = cf.generateCertificate(bis);
                keystore.setCertificateEntry(signCertName, cert);
            }
            save = true;
            signCertIn.close();
        }

        if (!keystore.containsAlias(sslCertName)) {
            bis = new BufferedInputStream(sslCertIn);
            while (bis.available() > 0) {
                Certificate cert = cf.generateCertificate(bis);
                keystore.setCertificateEntry(sslCertName, cert);
            }
            save = true;
            sslCertIn.close();
        }

        if (save) {
            OutputStream out = new FileOutputStream(file);
            keystore.store(out, passphrase);
            out.close();
        }

JavaWS控制台输出

java.io.IOException: Stream closed
at java.io.BufferedInputStream.getInIfOpen(Unknown Source)
at java.io.BufferedInputStream.available(Unknown Source)
at at.sviss.util.cert.Certificates.install(Certificates.java:48)
at at.sviss.Main.main(Main.java:91)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

2 个答案:

答案 0 :(得分:1)

而不是ClassLoader:

signCertIn = ClassLoader.class.getResourceAsStream((pack + signCertName + ".cer"));

使用课程itselfe:

signCertIn = Certificates.class.getResourceAsStream((pack + signCertName + ".cer"));

为我工作......

答案 1 :(得分:0)

Keystore.load()会将输入流读取到流的末尾。之后尝试从中读取任何其他内容是没有意义的。尝试重新打开流,无论您出于何种目的这样做。这不是有意义的。如果keystore.load()没有加载您的证书,我就不知道为什么您认为自己的代码会做得更好。

相关问题
最新问题