Java: Using different SSL contexts for REST & SOAP & JDBC in Spring Boot

Tags: java, spring-boot, security, hsm, sslcontext

I am now using Spring Boot to run HSM & MSSQL JDBC & REST & SOAP services in a single microservice.

MainApplication.java

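import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;

import javax.annotation.PostConstruct;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.sql.DataSource;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.core.env.Environment;

import com.zaxxer.hikari.HikariDataSource;

@SpringBootApplication
public class MainApplication {

    // The post only shows logger.info(...); SLF4J is assumed here.
    private static final Logger logger = LoggerFactory.getLogger(MainApplication.class);

    @Autowired
    public Environment env;

    // Key store password; how it is obtained is not shown in the original post.
    private char[] pass;

    public static void main(String[] args) {
        SpringApplication.run(MainApplication.class, args);
    }

    /**
     * init keystores
     */
    @PostConstruct
    public void keystoresInit() {
        logger.info("Starting keystores Init");
        FileInputStream ksFile = null;
        FileInputStream tsFile = null;
        try {
            // INIT Keystore - soap service
            KeyStore ks = KeyStore.getInstance(env.getProperty("keyserver.ssl.key-store-type"));
            ksFile = new FileInputStream(env.getProperty("keyserver.ssl.key-store"));
            ks.load(ksFile, pass);
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, pass);

            // INIT Truststore
            KeyStore trustKeystore = KeyStore.getInstance(env.getProperty("cacert.ssl.key-store-type"));
            tsFile = new FileInputStream(env.getProperty("cacert.ssl.key-store"));
            trustKeystore.load(tsFile, env.getProperty("cacert.ssl.key-store-password").toCharArray());
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(trustKeystore);

            // INIT SSLContext
            SSLContext context = SSLContext.getInstance("TLS");
            context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
            // Installs this context as the JVM-wide default
            SSLContext.setDefault(context);

            Map<String, String> samplekeys = new HashMap<String, String>();

            // CustomSSLContext is the poster's own class (not shown); it is used for the SOAP services
            CustomSSLContext cssc = CustomSSLContext.getInstance();
            cssc.initSSLContexts(env.getProperty("keyserver.ssl.key-store"),
                    env.getProperty("keyserver.ssl.key-store-type"), pass, samplekeys);

        } catch (Exception e) {
            // ... (elided in the original post)
        } finally {
            // ... (elided in the original post)
        }
    }

    /**
     * Configuring Hikari datasource and setting password from vault.
     * @return
     */
    @Bean
    @ConfigurationProperties(prefix = "spring.datasource.hikari")
    public DataSource dataSource() {
        HikariDataSource ds = null;
        try {
            // Password is fetched from the vault; the call is not shown in the original post.
            char[] password = null;
            ds = new HikariDataSource();
            ds.setPassword(new String(password));
        } catch (Exception e) {
            // ... (elided in the original post)
        } finally {
            // ... (elided in the original post)
        }
        return ds;
    }

}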
java.security

security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.safenetinc.luna.provider.LunaProvider
security.provider.4=sun.security.ec.SunEC
security.provider.5=com.sun.net.ssl.internal.ssl.Provider
security.provider.6=com.sun.crypto.provider.SunJCE
..etc
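Problem:

  • The PostConstruct method initializes the key store and trust store, and all connections use the LunaProvider that I configured in the java.security file as the third entry (security provider). This is the connection used by the SSL SOAP calls. This works fine.

  • The database bean also uses the same LunaProvider, which I don't want it to use for SSL, because it causes a lot of problems. I need to use a different SSL context for the database so that both work in parallel. How do I do this?

  • I have REST calls coming into and going out of this service. I would like to know whether another SSL context can be used for them, without touching the LunaProvider?

  • Thanks in advance.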
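
An added example, not part of the original question or the poster's code: one way to give outbound REST calls their own SSLContext, built from explicitly named JDK providers ("SUN", "SunJSSE") and never passed to SSLContext.setDefault(). The class name, the placeholder URL and the use of the JDK's bundled cacerts file with its stock password are assumptions made for illustration.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class SeparateTlsContext {

    /** Builds a TLS context whose key store, trust manager and JSSE implementation are the JDK's own. */
    static SSLContext jdkContext(String trustStorePath, char[] password) throws Exception {
        KeyStore ts = KeyStore.getInstance("JKS", "SUN");
        try (InputStream in = Files.newInputStream(Paths.get(trustStorePath))) {
            ts.load(in, password);
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
        tmf.init(ts);
        SSLContext ctx = SSLContext.getInstance("TLS", "SunJSSE");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key, default SecureRandom
        return ctx; // deliberately not passed to SSLContext.setDefault()
    }

    /** Prepares an outbound HTTPS (REST) connection that uses only the given context. */
    static HttpsURLConnection open(String url, SSLContext ctx) throws Exception {
        HttpsURLConnection conn = (HttpsURLConnection) new URL(url).openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory()); // per connection, not JVM-wide
        return conn;
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the JDK's bundled trust store stands in for the service's real one.
        String path = System.getProperty("java.home") + "/lib/security/cacerts";
        SSLContext restCtx = jdkContext(path, "changeit".toCharArray());
        System.out.println("REST context provider: " + restCtx.getProvider().getName());
        System.out.println("Is JVM default: " + (restCtx == SSLContext.getDefault()));

        // Placeholder URL; openConnection() does not touch the network until connect().
        HttpsURLConnection conn = open("https://rest.example.invalid/api", restCtx);
        System.out.println("Socket factory: " + conn.getSSLSocketFactory().getClass().getName());
    }
}
```

Naming the provider fixes which JSSE implementation builds the context; the cipher and signature algorithms that implementation needs are still looked up through the JCA provider list in java.security.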
