Zhong Yanghong created KYLIN-3867: ------------------------------------- Summary: Enable JDBC to use key store & trust store for https connection Key: KYLIN-3867 URL: https://issues.apache.org/jira/browse/KYLIN-3867 Project: Kylin Issue Type: Improvement Reporter: Zhong Yanghong Assignee: Zhong Yanghong
In some cases, JDBC clients need to pass its client cert & key to the downstream for authentication. Then the JDBC needs to create a connection with key store & trust store. {code} import java.io.BufferedReader; import java.io.InputStream; import java.io.InputStreamReader; import java.net.URL; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSocketFactory; public class SSLContextTest5 { public static void main( String[] args ) throws Exception { System.setProperty("javax.net.ssl.keyStoreType", "jks"); System.setProperty("javax.net.ssl.trustStoreType", "jks"); System.setProperty("javax.net.ssl.keyStore", "/export/home/miweng/test2/mystore.jks"); System.setProperty("javax.net.ssl.trustStore", "/export/home/miweng/test2/truststore.jks"); System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); //System.setProperty("https.protocols", "TLSv1.2"); try { URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf"); HttpsURLConnection con = (HttpsURLConnection) url.openConnection(); SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); con.setSSLSocketFactory(sslsocketfactory); InputStream inputstream = con.getInputStream(); InputStreamReader inputstreamreader = new InputStreamReader(inputstream); BufferedReader bufferedreader = new BufferedReader(inputstreamreader); String string = null; while ((string = bufferedreader.readLine()) != null) { System.out.println("Received " + string); } } catch (Exception e) { e.printStackTrace(); } } } {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)