下面列出了java.security.URIParameter#javax.net.ssl.TrustManagerFactory 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* Create an SSLContext with mutual TLS authentication enabled; returns null if the
* tlsConfigDirectory was not found.
*
* @return SSLContext
*/
public SSLContext createSSLContext() {
if (tlsConfigDirectory == null) {
return null;
}
try {
// Get the client's public/private key pair
KeyManagerFactory kmf = null;
if (this.isClientAuthEnabled) {
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(createPrivateKeyStore(), readKeyStorePassword(tlsConfigDirectory));
}
// Get the client's trustStore for what server certificates the client will trust
TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustFactory.init(createTrustStore());
// Create SSL context with the client's keyStore and trustStore
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init((this.isClientAuthEnabled) ? kmf.getKeyManagers() : null, trustFactory.getTrustManagers(), null);
return sslContext;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* Sets the default trust manager based on the SunX509 trustManagement algorithm
*
* We use a non-verification Trust Manager
**/
private void setDefaultTrustManager()
{
String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
try
{
TrustManagerFactory tmf = TrustManagerFactory.getInstance( defaultAlgorithm );
tmf.init( ( KeyStore ) null );
trustManagers = tmf.getTrustManagers();
}
catch ( KeyStoreException kse )
{
LOG.error( I18n.err( I18n.ERR_04172_KEYSTORE_INIT_FAILURE ) );
throw new RuntimeException( kse.getMessage(), kse );
}
catch ( NoSuchAlgorithmException nsae )
{
LOG.error( I18n.err( I18n.ERR_04173_ALGORITHM_NOT_FOUND, defaultAlgorithm ) );
throw new RuntimeException( nsae.getMessage(), nsae );
}
}
private static TrustManager[] setupTrustCerts(KeyStoreHolder ksh, boolean allowInsecureConnection,
Certificate[] trustCertficates) throws NoSuchAlgorithmException, KeyStoreException {
TrustManager[] trustManagers;
if (allowInsecureConnection) {
trustManagers = InsecureTrustManagerFactory.INSTANCE.getTrustManagers();
} else {
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
if (trustCertficates == null || trustCertficates.length == 0) {
tmf.init((KeyStore) null);
} else {
for (int i = 0; i < trustCertficates.length; i++) {
ksh.setCertificate("trust" + i, trustCertficates[i]);
}
tmf.init(ksh.getKeyStore());
}
trustManagers = tmf.getTrustManagers();
}
return trustManagers;
}
@Override
public TrustManager[] getTrustManagers() throws Exception {
String truststoreType = endpoint.getTruststoreType();
if (truststoreType == null) {
truststoreType = System.getProperty("javax.net.ssl.trustStoreType");
}
if (truststoreType == null) {
truststoreType = endpoint.getKeystoreType();
}
if (truststoreType == null) {
truststoreType = defaultKeystoreType;
}
String algorithm = endpoint.getTruststoreAlgorithm();
if (algorithm == null) {
algorithm = TrustManagerFactory.getDefaultAlgorithm();
}
return getTrustManagers(truststoreType, endpoint.getKeystoreProvider(),
algorithm);
}
protected X509TrustManager getTrustManager() {
try {
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
} catch (Exception e) {
return null;
}
}
private SSLContext createSSLContext() throws Exception {
TLSClientParameters tlsParams = new TLSClientParameters();
try (InputStream keystore = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", this.getClass())) {
KeyStore trustStore = loadStore(keystore, "password");
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
tlsParams.setTrustManagers(tmf.getTrustManagers());
}
try (InputStream keystore = ClassLoaderUtils.getResourceAsStream("keys/Morpit.jks", this.getClass())) {
KeyStore keyStore = loadStore(keystore, "password");
KeyManagerFactory kmf =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, "password".toCharArray());
tlsParams.setKeyManagers(kmf.getKeyManagers());
}
return SSLUtils.getSSLContext(tlsParams);
}
X509TrustManager getTrustManager(KeyStore ks) {
try {
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
tmf.init(ks);
for (TrustManager t : tmf.getTrustManagers()) {
if (t instanceof X509TrustManager) {
return (X509TrustManager)t;
}
}
} catch (Exception e) {
// Here, we are covering up errors. It might be more useful
// however to throw them out of the constructor so the
// embedding app knows something went wrong.
LOGGER.log(Level.SEVERE, "getTrustManager(" + ks + ")", e);
}
return null;
}
private static TrustManager[] createTrustManagers(final KeyStore keystore, String algorithm)
throws KeyStoreException, NoSuchAlgorithmException
{
if (keystore == null) {
throw new IllegalArgumentException("Keystore may not be null");
}
log.debug("Initializing trust manager");
if (StringUtils.isEmpty(algorithm)) {
algorithm=TrustManagerFactory.getDefaultAlgorithm();
log.debug("using default TrustManager algorithm ["+algorithm+"]");
} else {
log.debug("using configured TrustManager algorithm ["+algorithm+"]");
}
TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(algorithm);
tmfactory.init(keystore);
TrustManager[] trustmanagers = tmfactory.getTrustManagers();
return trustmanagers;
}
static TrustManagerFactory buildTrustManagerFactory(
X509Certificate[] certCollection, TrustManagerFactory trustManagerFactory)
throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
int i = 1;
for (X509Certificate cert: certCollection) {
String alias = Integer.toString(i);
ks.setCertificateEntry(alias, cert);
i++;
}
// Set up trust manager factory to use our key store.
if (trustManagerFactory == null) {
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
}
trustManagerFactory.init(ks);
return trustManagerFactory;
}
@NotNull
static SSLContext getInitialisedContext() throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, UnrecoverableKeyException, KeyManagementException {
final SSLContext context = SSLContext.getInstance("TLS");
KeyManagerFactory kmf =
KeyManagerFactory.getInstance("SunX509");
final KeyStore keyStore = KeyStore.getInstance("JKS");
final char[] password = "password".toCharArray();
keyStore.load(new FileInputStream(KEYSTORE_FILE), password);
kmf.init(keyStore, password);
final KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream(KEYSTORE_FILE), password);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance("SunX509");
tmf.init(trustStore);
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
return context;
}
public BouncrSSLSocketFactory() {
try {
SSLContext ctx = SSLContext.getInstance("TLSv1.2");
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore trustStore = KeyStore.getInstance("JKS");
try (InputStream in = new FileInputStream(keyStoreInfo.get().getTruststorePath())) {
trustStore.load(in, keyStoreInfo.get().getTruststorePassword().toCharArray());
}
tmf.init(trustStore);
ctx.init(null, tmf.getTrustManagers(), SecureRandom.getInstance("SHA1PRNG"));
delegate = ctx.getSocketFactory();
} catch (Exception e) {
throw new IllegalArgumentException(e);
}
}
private SSLContext buildTestSslContext()
throws Exception
{
// Load self-signed certificate
char[] serverKeyStorePassword = "insecure-ssl-test".toCharArray();
KeyStore serverKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream in = getResource(getClass(), "/insecure-ssl-test.jks").openStream()) {
serverKeyStore.load(in, serverKeyStorePassword);
}
String kmfAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmfAlgorithm);
kmf.init(serverKeyStore, serverKeyStorePassword);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(kmfAlgorithm);
trustManagerFactory.init(serverKeyStore);
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(kmf.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return sslContext;
}
private void init() throws Exception {
transientKeyStore=KeyStore.getInstance(storeType);
transientKeyStore.load(null, null);
TrustManagerFactory tmf=TrustManagerFactory.getInstance("X509");
tmf.init(transientKeyStore);
transientTrustManager=findX509TrustManager(tmf);
keyStore=KeyStore.getInstance(storeType);
if (store.exists()) {
keyStore.load(new FileInputStream(store), storePassword);
}
else {
keyStore.load(null, storePassword);
}
tmf=TrustManagerFactory.getInstance("X509");
tmf.init(keyStore);
storeTrustManager=findX509TrustManager(tmf);
}
private static TrustManagerFactory createTrustManagerFactory(
final String caCertificateFileName)
throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException
{
// Creates a trust manager factory
// Load CA certificate
final X509Certificate caCertificate = (X509Certificate) createX509CertificateFromFile(caCertificateFileName);
// CA certificate is used to authenticate server
final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("ca-certificate", caCertificate);
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
return trustManagerFactory;
}
@Override
public void addTrustStore(KeyStore keyStore){
try {
TrustManagerFactory factory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
factory.init(keyStore);
TrustManager[] managers = factory.getTrustManagers();
for (TrustManager trustManager : managers) {
if (trustManager instanceof X509TrustManager) {
compositeTrustManager.addTrustManager((X509TrustManager) trustManager);
}
}
} catch (NoSuchAlgorithmException | KeyStoreException e) {
LoggerFactory.getLogger(getClass()).error("Could not add trust store", e);
}
}
private DittoTrustManagerFactory(final TrustManagerFactory delegate, final String hostname) {
super(new TrustManagerFactorySpi() {
@Override
protected void engineInit(KeyStore keyStore) throws KeyStoreException {
delegate.init(keyStore);
}
@Override
protected void engineInit(ManagerFactoryParameters managerFactoryParameters) throws
InvalidAlgorithmParameterException {
delegate.init(managerFactoryParameters);
}
@Override
protected TrustManager[] engineGetTrustManagers() {
return DittoTrustManager.wrapTrustManagers(delegate.getTrustManagers(), hostname);
}
}, delegate.getProvider(), delegate.getAlgorithm());
}
/**
* Creates an SSLSocketFactory which contains {@code certChainFile} as its only root certificate.
*/
public static SSLSocketFactory newSslSocketFactoryForCa(Provider provider,
File certChainFile) throws Exception {
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
BufferedInputStream in = new BufferedInputStream(new FileInputStream(certChainFile));
try {
X509Certificate cert = (X509Certificate) cf.generateCertificate(in);
X500Principal principal = cert.getSubjectX500Principal();
ks.setCertificateEntry(principal.getName("RFC2253"), cert);
} finally {
in.close();
}
// Set up trust manager factory to use our key store.
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(ks);
SSLContext context = SSLContext.getInstance("TLS", provider);
context.init(null, trustManagerFactory.getTrustManagers(), null);
return context.getSocketFactory();
}
private static SSLServerSocketFactory makeSSLSocketFactory(KeyStore loadedKeyStore, KeyManager[] keyManagers) throws IOException {
final SSLServerSocketFactory factory;
try {
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(loadedKeyStore);
final SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagerFactory.getTrustManagers(), null);
factory = sslContext.getServerSocketFactory();
} catch (Exception e) {
// simplify exception handling
throw new IOException(e.getMessage());
}
return factory;
}
private static SslContext createSSLContext(boolean useClientCA, String sslKeyStoreType, String sslKeyFilePath, String sslManagerPwd, String sslStorePwd) {
try {
InputStream ksInputStream = new FileInputStream(sslKeyFilePath);
KeyStore ks = KeyStore.getInstance(sslKeyStoreType);
ks.load(ksInputStream, sslStorePwd.toCharArray());
final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, sslManagerPwd.toCharArray());
SslContextBuilder contextBuilder = SslContextBuilder.forServer(kmf);
// whether need client CA(two-way authentication)
if (useClientCA) {
contextBuilder.clientAuth(ClientAuth.REQUIRE);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
contextBuilder.trustManager(tmf);
}
return contextBuilder.sslProvider(SslProvider.valueOf("JDK")).build();
} catch (Exception ex) {
log.error("Create ssl context failure.cause={}", ex);
return null;
}
}
public static TrustManager[] createTrustManagers(
final String file,
final char[] trustStorePasswd,
final String trustStoreType,
final String trustManagerFactoryAlgorithm
)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException
{
KeyStore trustStore;
try
{
trustStore = loadStore(file, trustStoreType, trustStorePasswd);
}
catch (FileNotFoundException fileNotFoundExc)
{
trustStore = null; // no trustStore given. SslEngine can handle null here
}
TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(trustManagerFactoryAlgorithm);
trustMgrFactory.init(trustStore);
return trustMgrFactory.getTrustManagers();
}
public static SSLContext getNotificationTlsContext(Context c, Certificate serverCert){
try {
SSLContext tlsContext = SSLContext.getInstance(TLS_VERSIONS[0]);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setKeyEntry("key", RsaHelper.getPrivateKey(c), "".toCharArray(),
new Certificate[]{TlsHelper.getCertificate(c)});
keyStore.setCertificateEntry("serverCert", serverCert);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
tlsContext.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);
return tlsContext;
} catch (Exception e){
Log.e("TlsHelper", "getNotificationTlsContext");
Log.e("StackTrace", Log.getStackTraceString(e));
return null;
}
}
/**
* SSLServerSocketFactory を作成します.
*
* @param keyStore キーストア
* @param password パスワード
* @return SSLServerSocketFactoryのインスタンス
* @throws GeneralSecurityException SSLServerSocketFactoryの作成に失敗した場合に発生
*/
private SSLServerSocketFactory createSSLServerSocketFactory(final KeyStore keyStore, final String password) throws GeneralSecurityException {
SSLContext sslContext = SSLContext.getInstance("TLS");
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password.toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return sslContext.getServerSocketFactory();
}
public static TrustManager[] createTrustManagers(
final String file,
final char[] keyStorePasswd
)
throws KeyStoreException, FileNotFoundException, NoSuchAlgorithmException, IOException, CertificateException
{
return createTrustManagers(
file, keyStorePasswd,
SslTcpConstants.TRUST_STORE_DEFAULT_TYPE, TrustManagerFactory.getDefaultAlgorithm()
);
}
private static SSLContext createSslContext(
final String keystore, final char[] keystorePasswd, final String keystoreType,
final String truststore, final char[] truststorePasswd, final String truststoreType,
final String protocol)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
UnrecoverableKeyException, KeyManagementException {
// prepare the keystore
final KeyStore keyStore = KeyStore.getInstance(keystoreType);
try (final InputStream keyStoreStream = new FileInputStream(keystore)) {
keyStore.load(keyStoreStream, keystorePasswd);
}
final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keystorePasswd);
// prepare the truststore
final KeyStore trustStore = KeyStore.getInstance(truststoreType);
try (final InputStream trustStoreStream = new FileInputStream(truststore)) {
trustStore.load(trustStoreStream, truststorePasswd);
}
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
// initialize the ssl context
final SSLContext sslContext = SSLContext.getInstance(protocol);
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return sslContext;
}
/**
* 决定是否信任对方的证书
*
* @param url
* @return
* @throws Exception
*/
protected static TrustManagerFactory getTrustManagerFactory(final URL url) throws Exception {
String caPath = url.getString(SSL_CA_PATH);
if (isEmpty(caPath)) {
return null;
}
TrustManagerFactory tf = TrustManagerFactory.getInstance(url.getString(SSL_CERTIFICATE));
KeyStore tks = getKeyStore(caPath, url.getString(SSL_PASSWORD), url.getString(SSL_KEYSTORE));
tf.init(tks);
return tf;
}
/**
* Create an SSL context based on a KeyStore
*
* @param ks A keystore with a private key and certificate chain.
* @param password the password for the keystore.
*/
public static SSLContext createSSLContext(KeyStore ks, char[] password) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, CertificateException, UnrecoverableKeyException {
final SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, password);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), SecureRandom.getInstance("SHA1PRNG"));
return sslContext;
}
/**
* Constructor for DefaultX509TrustManager.
*
*/
public DefaultX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
super();
TrustManagerFactory factory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
factory.init(keystore);
TrustManager[] trustmanagers = factory.getTrustManagers();
if (trustmanagers.length == 0) {
throw new NoSuchAlgorithmException("SunX509 trust manager not supported");
}
this.standardTrustManager = (X509TrustManager) trustmanagers[0];
}
/**
* Constructor for EasyX509TrustManager.
*/
public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
super();
TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
factory.init(keystore);
TrustManager[] trustmanagers = factory.getTrustManagers();
if (trustmanagers.length == 0) {
throw new NoSuchAlgorithmException("no trust manager found");
}
this.standardTrustManager = (X509TrustManager)trustmanagers[0];
}
private X509TrustManager trustManagerForCertificates(InputStream in) throws GeneralSecurityException {
final CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
final Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
final char[] password = "umwxnikwxx".toCharArray(); // Any password will work.
final KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
final String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Use it to build an X509 trust manager.
final KeyManagerFactory keyManagerFactory
= KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
final TrustManagerFactory trustManagerFactory
= TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
final TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
}
public static SslContext createSSLClientContext(String sslFilePath,
String sslPassword, String sslType, String algorithmName) {
try {
KeyStore ts = KeyStore.getInstance(sslType);
TrustManagerFactory tf = TrustManagerFactory
.getInstance(algorithmName);
InputStream tsInputStream = new FileInputStream(
getFileInputStream(sslFilePath));
try {
ts.load(tsInputStream, sslPassword.toCharArray());
tf.init(ts);
} finally {
tsInputStream.close();
}
//both-server
KeyStore keyStore = KeyStore.getInstance(sslType);
KeyManagerFactory kmf = KeyManagerFactory
.getInstance(algorithmName);
InputStream ksInputStream = new FileInputStream(
getFileInputStream(sslFilePath));
try {
keyStore.load(ksInputStream, sslPassword.toCharArray());
kmf.init(keyStore, sslPassword.toCharArray());
} finally {
ksInputStream.close();
}
return SslContextBuilder.forClient().trustManager(tf).keyManager(kmf).build();
} catch (Exception ex) {
ex.printStackTrace();
return null;
}
}