Java 试图了解相互身份验证密钥对和证书在gRPC上下文中的工作方式
因此,在阅读了无数关于如何以及如何生成密钥对、证书和信任管理器的文章后,我感到难以置信的困惑 这是我的情况,我有一个客户:Java 试图了解相互身份验证密钥对和证书在gRPC上下文中的工作方式,java,ssl,grpc,tls1.2,grpc-java,Java,Ssl,Grpc,Tls1.2,Grpc Java,因此,在阅读了无数关于如何以及如何生成密钥对、证书和信任管理器的文章后,我感到难以置信的困惑 这是我的情况,我有一个客户: SslContextBuilder builder = GrpcSslContexts.forClient(); // builder.trustManager(new File(trustCertCollectionFilePath)); //i've read this should be ignored for the client builder.keyManage
SslContextBuilder builder = GrpcSslContexts.forClient();
// builder.trustManager(new File(trustCertCollectionFilePath)); //i've read this should be ignored for the client
builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(new
File(certChainFilePath), new File(privateKeyFilePath));
sslClientContextBuilder.trustManager(new File(trustCertCollectionFilePath));
sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
1. You have to generate a RSA key pair.
2. Generate a certificate.
3. Put the public key inside the certificate.
clientCertChainFilePath = certificate with public key inside
clientPrivateKeyFilePath = client private key
1. You have to generate a trusted authority certificate(CA) with a server private key
2. Get the certificate from the client
3. Register the client certificate inside the trusted authority somehow.
certChainFilePath = certificate from the client with public key inside
privateKeyFilePath = private server key for the trust authority certificate(CA)
trustCertCollectionFilePath = trusted authority certificate(CA)
请纠正我或告诉我所有这些是如何结合在一起工作的,如果您有任何关于如何正确生成所有内容的特定链接,我们将不胜感激。客户端和服务器都有自己的公钥和私钥。这是两对独立的公私密钥 在服务器端,
certChainFilePathprivateKeyFilePath通过双向TLS,客户机被要求将其证书(包含客户机公钥)发送到服务器。客户机和服务器都有自己的公钥和私钥。这是两对独立的公私密钥 在服务器端,
certChainFilePathprivateKeyFilePath