하기 코드를 사용하면 모든 인증서( 테스트, 유효기간 지난거.. 등 )을 모두 신뢰해버린다. ( Real 적용하면 보안에 문에 있음. )
======================================================================
try {
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(new KeyManager[0], new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String name) throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String name) throws CertificateException {}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
} }, new SecureRandom());
SSLContext.setDefault(ctx);
} catch (Exception e) {
throw new RuntimeException(e);
}
======================================================================
원초 적인 해결 안은... jvm에 인증서 설치 하기..
Found that the following javax properties returned null value in the WebSphere.
javax.net.ssl.trustStore,
javax.net.ssl.trustStorePassword
javax.net.ssl.trustStoreType
For more details, please see this link,
java - path to trustStore - set property doesnt work?
Configured the properties as below in the WebSphere
Select Servers > Application Servers > server_name > Process Definition > Java Virtual Machine > Custom Properties > New.
a) javax.net.ssl.trustStore = jre_install_dirlibsecuritycacerts
Example: C:Program FilesWebSphereAppServerjavajrelibsecuritycacerts
b) javax.net.ssl.trustStorePassword = changeit (default)
c) javax.net.ssl.trustStoreType = jks
For more details, please see this link,
http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.isim.doc_6.0%2Finstalling%2Ftsk%2Ftsk_ic_ins_first_security_truststore.htm
After the configuration was able to see in the logs that certificates being added to the trust store.
Related
