使用keytool生成keystore和證書

生成,導入和刪除

記錄windows下生成和測試的過程:

1.生成config.keystore

>keytool -genkeypair -keyalg RSA -keysize 1024 -sigalg MD5withRSA -alias localhost -keystore D:/config.keystore -storepass 123456
您的名字與姓氏是什麼?
  [Unknown]:  localhost
您的組織單位名稱是什麼?
  [Unknown]:  localhost
您的組織名稱是什麼?
  [Unknown]:  localhost
您所在的城市或區域名稱是什麼?
  [Unknown]:  localhost
您所在的省/市/自治區名稱是什麼?
  [Unknown]:  localhost
該單位的雙字母國家/地區代碼是什麼?
  [Unknown]:  localhost
CN=localhost, OU=localhost, O=localhost, L=localhost, ST=localhost, C=localhost是否正確?
  [否]:  y

輸入 <localhost> 的密鑰口令
        (如果和密鑰庫口令相同, 按回車):

聲明那個名字與姓氏需要注意以下，我在本地測試時setHost填的是localhost如果名字不一樣，會報錯說不匹配什麼的。

該問題解決的博客：https://blog.csdn.net/diyagea/article/details/50639911

2.生成證書

>keytool -exportcert -alias localhost -keystore D:/config.keystore -file D:/config.cer -rfc
輸入密鑰庫口令:
存儲在文件 <D:/config.cer> 中的證書

 這裏的口令就是上面的：123456

3.接下來就要以管理員的身份運行cmd，否則會報拒絕訪問的錯誤。這步的目的是將證書導入jdk的信任庫中，以便發起請求的一方可以對https地址發起請求。

>keytool -import -noprompt -trustcacerts -keystore "C:/Program Files/Java/jdk1.6.0_45/jre/lib/security/cacerts" -file "D:/config.cer" -alias localhost
輸入密鑰庫口令:
證書已添加到密鑰庫中

這裏需要注意的是路徑中有空格存在的話用雙引號括起來。還有就是密鑰庫的口令不是123456，若輸入這個會報密碼錯誤之類的。這裏的口令應該填：changeit。

該方案的博客：https://blog.csdn.net/zhuzhiqiang_zhu/article/details/70212499

3.如果導入錯誤，可以根據別名進行刪除。

>keytool -delete -alias test -keystore "C:/Program Files/Java/jdk1.6.0_45/jre/lib/security/cacerts"
輸入密鑰庫口令:

別名就是test。

測試

jetty

package com.xck.Server;

import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.*;

public class HttpOrHttpsServer extends AbstractHandler {

    private SelectChannelConnector httpConn = null;
    private SslSelectChannelConnector httpsConn = null;
    private Server server = null;

    public static void main(String[] args){
        HttpOrHttpsServer server = new HttpOrHttpsServer();
        server.doInit();
        server.doStart();
    }

    public void doInit(){
        try {
            httpConn = new SelectChannelConnector();
            httpConn.setHost("localhost");
            httpConn.setPort(8092);

            httpsConn = new SslSelectChannelConnector();
            httpsConn.setHost("localhost");
            httpsConn.setPort(8091);
            httpsConn.setPassword("123456");
            httpsConn.setKeyPassword("123456");
            httpsConn.setTrustPassword("123456");
            httpsConn.setKeystore("D:\\config.keystore"); //keystore地址
            server = new Server();
            server.setConnectors(new Connector[]{httpConn, httpsConn});
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void doStart(){
        try {
            server.setHandler(this);
            server.start();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void handle(String s, Request request, HttpServletRequest httpServletRequest,
                       HttpServletResponse httpServletResponse) throws IOException, ServletException {
        InputStream is = request.getInputStream();
        BufferedReader br = new BufferedReader(new InputStreamReader(is));
        StringBuffer sb = new StringBuffer("");
        String str = null;
        while((str = br.readLine())!=null){
            sb.append(str);
        }
        System.out.println(sb.toString());

        httpServletResponse.setContentType("text/plain;charset=utf-8");
        httpServletResponse.setStatus(HttpServletResponse.SC_OK);
        httpServletResponse.getWriter().print("ok");
        //通知jetty，這個請求以及處理完畢，如果不設置這個，會報下面的錯誤
//        Exception in thread "main" java.io.FileNotFoundException: https://localhost:8091
//        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1457)
//        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
//        at com.xck.HttpRequest.main(HttpRequest.java:37)
        request.setHandled(true);
    }
}

請求。因爲使用的是jdk1.6，所以這裏使用HttpURLConnection。這裏需要注意一點，發送數據只會在調用httpURLConnection.getInputStream()之後進行，否則不會發送數據。

package com.xck;

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;

public class HttpRequest {

    public static void main(String[] args) throws Exception{
        URL url = new URL("https://localhost:8091");
        HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty("Content-type", "text/plain");
        // 設置文件字符集:
        httpURLConnection.setRequestProperty("Charset", "UTF-8");

        httpURLConnection.setInstanceFollowRedirects(false);
        httpURLConnection.setConnectTimeout(10000);
        httpURLConnection.setReadTimeout(10000);
        httpURLConnection.setUseCaches(false);
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setDoInput(true);
        httpURLConnection.connect();

        OutputStream os = httpURLConnection.getOutputStream();
        String str = "hello";
        os.write(str.getBytes());
        os.flush();
        os.close();

        InputStream is = httpURLConnection.getInputStream();
        BufferedReader br = new BufferedReader(new InputStreamReader(is, "utf-8"));
        String line = "";
        StringBuffer sb = new StringBuffer("");
        while((line = br.readLine()) != null){
            sb.append(line);
        }
        System.out.println(sb.toString());
    }
}

pom.xml需要引入

        <dependency>
            <groupId>org.eclipse.jetty</groupId>
            <artifactId>jetty-server</artifactId>
            <version>8.1.17.v20150415</version>
        </dependency>