Java 应用程序的密钥库/信任库的默认位置是哪个?
我正在编写一个使用 SSL 的应用程序。 因此,我有一个虚拟密钥库和一个虚拟信任库,我想提供给我的客户。 是否有任何默认文件夹可以将它们放入我的发行版中? 例如文档、lib、bin...等。密钥库通常放在服务器上的哪里,信任库通常放在客户端的哪里?
谢谢
I am writing an application that uses SSL.
Hence, I have a dummy keystore and a dummy truststore I want to supply to my customer.
Is there any default folder to put them inside my distribution?
e.g. docs, lib, bin...etc. Where is usually the keystore put on the server and where is usually truststore put on the client?
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
在 Java 中,根据 JSSE 参考指南,
keystore
没有默认值,truststore
的默认值为“jssecacerts(如果存在)。否则为 cacerts” ”。一些应用程序使用 ~/.keystore 作为默认密钥库,但这并非没有问题(主要是因为您可能不希望用户运行的所有应用程序都使用该信任库)。
我建议使用与应用程序捆绑在一起的特定于应用程序的值,它通常更适用。
In Java, according to the JSSE Reference Guide, there is no default for the
keystore
, the default for thetruststore
is "jssecacerts, if it exists. Otherwise, cacerts".A few applications use
~/.keystore
as a default keystore, but this is not without problems (mainly because you might not want all the application run by the user to use that trust store).I'd suggest using application-specific values that you bundle with your application instead, it would tend to be more applicable in general.
就像布鲁诺说的,你最好自己配置。我是这样做的。
首先创建一个属性文件 (/etc/myapp/config.properties)。
然后从代码中将属性加载到您的环境中。这使得您的应用程序可配置。
Like bruno said, you're better configuring it yourself. Here's how I do it.
Start by creating a properties file (/etc/myapp/config.properties).
Then load the properties to your environment from your code. This makes your application configurable.