Question:
Task: write a small web service that a third-party client will access over HTTPS at a given frequency to receive data.
For the tooling I decided to use Jetty (it seemed like an interesting library) and, accordingly, Java.
I generated a self-signed certificate with openssl (RSA, 2048 bits).
Please tell me how to attach my certificate to the application (that is, how to hook it up from code).
Answer:
Something like this; the commented-out code shows how to add a certificate to the keystore.
package com.example;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.io.IOException;
import java.io.InputStream;
import java.io.DataInputStream;
import java.io.ByteArrayInputStream;
import java.security.spec.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;
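/**
 * Starts an embedded Jetty server that serves the web application in
 * {@code src/main/webapp} over plain HTTP (port 8080) and over TLS (port 8443).
 *
 * <p>The TLS connector takes its identity from a keystore loaded from the classpath
 * resource {@code keystore}, resolved relative to this class's package. The keystore
 * password is read from configuration instead of being embedded as a string literal,
 * so it does not end up in source control or in the compiled class file.
 *
 * <p>With a self-signed certificate the client has to be configured to trust that
 * specific certificate; switching certificate validation off on the client side
 * removes the protection TLS is meant to provide.
 */
public class Main {

    /** System property that supplies the keystore password (name chosen by this example). */
    private static final String KEYSTORE_PASSWORD_PROPERTY = "keystore.password";

    /** Environment variable consulted when the keystore password property is not set. */
    private static final String KEYSTORE_PASSWORD_ENV = "KEYSTORE_PASSWORD";

    /** System property that supplies the private-key password (name chosen by this example). */
    private static final String KEY_PASSWORD_PROPERTY = "keystore.keyPassword";

    /** Environment variable consulted when the private-key password property is not set. */
    private static final String KEY_PASSWORD_ENV = "KEYSTORE_KEY_PASSWORD";

    // The commented-out helper below reads a whole file into memory for the
    // commented-out certificate import in main(). Two things to fix before reviving it:
    // available() is only an estimate of what can be read without blocking, not the
    // file length, and the FileInputStream is never closed.
    /*
    private static InputStream fullStream(String fname) throws IOException {
    FileInputStream fis = new FileInputStream(fname);
    DataInputStream dis = new DataInputStream(fis);
    byte[] bytes = new byte[dis.available()];
    dis.readFully(bytes);
    ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
    return bais;
    }
    */

    /**
     * Reads a setting from a system property, falling back to an environment variable.
     *
     * <p>Values passed with {@code -D} on the command line are visible in process
     * listings on many systems, so the environment variable (or a dedicated secret
     * store) is the better channel for passwords.
     *
     * @param property name of the system property to read first
     * @param envName  name of the environment variable to read second
     * @return the configured value, or {@code null} when neither source has a non-empty value
     */
    private static String readSetting(String property, String envName) {
        String value = System.getProperty(property);
        if (value == null || value.isEmpty()) {
            value = System.getenv(envName);
        }
        return (value == null || value.isEmpty()) ? null : value;
    }

    /**
     * Configures the HTTP and HTTPS connectors, starts the server and blocks until it stops.
     *
     * @param args unused
     * @throws IllegalStateException if the keystore resource or the keystore password is missing
     * @throws Exception if Jetty fails to start
     */
    public static void main(String... args) throws Exception {
        // The commented-out code below adds a certificate to an existing keystore file.
        // Caveats when reusing it:
        //  - setCertificateEntry() stores a *trusted certificate* entry. A TLS server needs
        //    a private-key entry (key plus certificate chain) to present its identity, so
        //    importing only the .cer file is not enough for the keystore used further down.
        //  - The keystore is loaded twice, from two different file names
        //    ("yourKeyStore.keystore" and "yourKeyStorePass.keystore"); presumably one of
        //    them is a typo - TODO confirm.
        //  - The password is a literal and the streams are not closed on failure; read the
        //    password from configuration and use try-with-resources.
        /*
        String certfile = "yourcert.cer";
        FileInputStream is = new FileInputStream("yourKeyStore.keystore");
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(is, "yourKeyStorePass".toCharArray());
        String alias = "youralias";
        char[] password = "yourKeyStorePass".toCharArray();
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        InputStream certstream = fullStream (certfile);
        Certificate certs = cf.generateCertificate(certstream);
        File keystoreFile = new File("yourKeyStorePass.keystore");
        FileInputStream in = new FileInputStream(keystoreFile);
        keystore.load(in, password);
        in.close();
        keystore.setCertificateEntry(alias, certs);
        FileOutputStream out = new FileOutputStream(keystoreFile);
        keystore.store(out, password);
        out.close();
        */

        // Fail early, before any port is opened, when the TLS material is not configured.
        java.net.URL keyStoreUrl = Main.class.getResource("keystore");
        if (keyStoreUrl == null) {
            throw new IllegalStateException(
                "Classpath resource 'keystore' not found relative to " + Main.class.getName());
        }
        String keyStorePassword = readSetting(KEYSTORE_PASSWORD_PROPERTY, KEYSTORE_PASSWORD_ENV);
        if (keyStorePassword == null) {
            throw new IllegalStateException(
                "Keystore password is not configured; set system property '"
                    + KEYSTORE_PASSWORD_PROPERTY + "' or environment variable '"
                    + KEYSTORE_PASSWORD_ENV + "'");
        }
        // The key password defaults to the keystore password when it is not given separately.
        String keyPassword = readSetting(KEY_PASSWORD_PROPERTY, KEY_PASSWORD_ENV);
        if (keyPassword == null) {
            keyPassword = keyStorePassword;
        }

        Server server = new Server();

        WebAppContext webapp = new WebAppContext();
        webapp.setResourceBase("src/main/webapp");
        server.setHandler(webapp);

        // Plain-HTTP connector. secureScheme/securePort tell Jetty where to send requests
        // that require a confidential transport; the web application is still reachable in
        // cleartext on 8080 unless it declares such a constraint.
        // NOTE(review): if the service is meant to be HTTPS-only, confirm this connector is needed.
        HttpConfiguration http = new HttpConfiguration();
        // NOTE(review): SecureRequestCustomizer is normally only needed on the TLS
        // connector's configuration - confirm it is intended on the plain one too.
        http.addCustomizer(new SecureRequestCustomizer());
        http.setSecurePort(8443);
        http.setSecureScheme("https");
        ServerConnector connector = new ServerConnector(server);
        connector.addConnectionFactory(new HttpConnectionFactory(http));
        connector.setPort(8080);

        // TLS connector: SecureRequestCustomizer exposes the TLS session details to the request.
        HttpConfiguration https = new HttpConfiguration();
        https.addCustomizer(new SecureRequestCustomizer());

        // NOTE(review): newer Jetty 9.4 releases provide SslContextFactory.Server for
        // server-side use - check against the Jetty version in the build.
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(keyStoreUrl.toExternalForm());
        sslContextFactory.setKeyStorePassword(keyStorePassword);
        sslContextFactory.setKeyManagerPassword(keyPassword);

        ServerConnector sslConnector = new ServerConnector(
            server,
            new SslConnectionFactory(sslContextFactory, "http/1.1"),
            new HttpConnectionFactory(https)
        );
        sslConnector.setPort(8443);

        server.setConnectors(new Connector[]{connector, sslConnector});
        server.start();
        server.join();
    }
}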