我已经编写了启用SSL的spring boot rest服务。我想在调用服务时从http请求中提取客户端证书的公钥。
我正在尝试httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
给出空值。
如果我尝试httpServletRequest.getAttribute("javax.servlet.request.ssl_session_mgr");
它在包含本地证书的JSSESupport objcet中提供了SSLSession,但它是私有的,我无法提取证书。
以下是我的SSL配置(application.properties):
server.port=8443
server.ssl.key-alias=selfsigned_localhost_sslserver
server.ssl.key-password=changeit
server.ssl.key-store=classpath:ssl-server.jks
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS
下面是我编写的向客户应用程序发送证书的客户端代码:
public void testSeervice(){
char[] passphrase = "changeit".toCharArray(); //password
KeyStore keystore = KeyStore.getInstance("JKS");
//KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(new FileInputStream("D:\\Projects\\certvalidator\\src\\main\\resources\\ssl-server.jks"), passphrase); //path
//TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); //instance
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keystore);
SSLContext context = SSLContext.getInstance("TLS");
TrustManager[] trustManagers = tmf.getTrustManagers();
context.init(null, trustManagers, null);
SSLSocketFactory sf = context.getSocketFactory();
URL url = new URL("https://localhost:8443/validate");
HttpsURLConnection httpsCon = (HttpsURLConnection) url.openConnection();
httpsCon.setSSLSocketFactory(sf);
httpsCon.setRequestMethod("GET");
System.out.println("Response Message is " + httpsCon.getResponseMessage());
}