我有一个服务器端代码加载密钥库的应用程序 -
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyStoreFile), "password".toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, "privatepassword".toCharArray());
SSLContext sslCtx = SSLContext.getInstance("TLS");
sslCtx.init(kmf.getKeyManagers(), null, null);
当我在密钥库中只有一个私钥时,这很好用.当我向密钥库添加另一个私钥(使用不同的密码)时,我收到了此错误
java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
然后我尝试创建一个自定义keymanager,如下面的链接中所指定
@Bruno我尝试了你给出的建议.然而,这不起作用.我的定制密钥管理器工厂看起来像这样 -
class CustomKeyManager implements X509KeyManager {
private final KeyStore ks;
private final String alias;
public CustomKeyManager(KeyStore ks, String alias) {
this.ks = ks;
this.alias = alias;
}
@Override
public String[] getClientAliases(String paramString,
Principal[] paramArrayOfPrincipal) {
return new String[]{alias};
} …