Java 使用代码在dropwizard中配置SSL
我正在为RESTAPI使用Dropwizard0.7.0-rc2。我尝试过通过config.yaml配置SSL,它在本地机器上运行 下面是config.yaml中的内容Java 使用代码在dropwizard中配置SSL,java,rest,ssl,jetty,dropwizard,Java,Rest,Ssl,Jetty,Dropwizard,我正在为RESTAPI使用Dropwizard0.7.0-rc2。我尝试过通过config.yaml配置SSL,它在本地机器上运行 下面是config.yaml中的内容 server: # softNofileLimit: 1000 # hardNofileLimit: 1000 applicationConnectors: - type: http port: 8080 - type: https port: 13790 keySto
server:
# softNofileLimit: 1000
# hardNofileLimit: 1000
applicationConnectors:
- type: http
port: 8080
- type: https
port: 13790
keyStorePath: xxx.keystore
keyStorePassword: xxx
validateCerts: false
validatePeers: false
#this requires the alpn-boot library on the JVM's boot classpath
#- type: h2
# port: 8445
# keyStorePath: xxx.keystore
# keyStorePassword: xxx
# validateCerts: false
# validatePeers: false
adminConnectors:
- type: http
port: 8081
- type: https
port: 13790
keyStorePath: xxxx.keystore
keyStorePassword: xxxxx
validateCerts: false
validatePeers: false
140573632874312:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1457936036
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
public void run(MyConfiguration configuration, Environment environment)
throws Exception {
((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().add(new HttpsConnectorFactory());
((DefaultServerFactory) configuration.getServerFactory()).getAdminConnectors().add(new HttpsConnectorFactory());
((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(0)).setPort(13789);
((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getAdminConnectors().get(0)).setPort(13777);
((HttpsConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(1)).setPort(13790);
((HttpsConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getAdminConnectors().get(1)).setPort(13791);
HttpsConnectorFactory cf1 = (HttpsConnectorFactory) ((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(1));
cf1.setKeyStoreType("JKS");
cf1.setKeyStorePath("/var/***.jks");
cf1.setKeyStorePassword("*****");
cf1.setValidateCerts(true);
cf1.setValidatePeers(true);
}
server:
# softNofileLimit: 1000
# hardNofileLimit: 1000
applicationConnectors:
- type: http
port: 8080
- type: https
port: 13790
keyStorePath: xxx.keystore
keyStorePassword: xxx
validateCerts: false
validatePeers: false
#this requires the alpn-boot library on the JVM's boot classpath
#- type: h2
# port: 8445
# keyStorePath: xxx.keystore
# keyStorePassword: xxx
# validateCerts: false
# validatePeers: false
adminConnectors:
- type: http
port: 8081
- type: https
port: 13790
keyStorePath: xxxx.keystore
keyStorePassword: xxxxx
validateCerts: false
validatePeers: false
140573632874312:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1457936036
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---