问题
It seems to me that there are hardly any good tools out there that help webapp deployers secure their environment. I feel like a lot of deployment grief comes in because the admin hasn't been properly tooled to ignore the intricacies and of TLS/SSL. I once had the good luck of seeing a really good UI management that was intuitive, for an admin of any level, in either websphere or weblogic (i forget) but nothing like that is available today out in the open source community. I would like to put together something for tomcat one day so I'm experimenting and trying to figure out how "not to re-invent" the wheel but it just seems like I can't get my hands on the source code for keytool ... and the class itself is final I think ... so extending it would be out of the question. Does anyone know why SUN made it so hard to do good and intutive security?
Real Question: Are there ways that you know of where someone can programmatically utilize keytool to its fullest?
回答1:
You can use java's KeyStore api to do what keytool does, programmatically. Over the years both the KeyStore api and keytool command line tool have evolved. You can refer to the KeyStore api docs here:
Java 7 KeyStore
Java 8 KeyStore
Java 9 KeyStore
If you are curious on how keytool does it, a quick google search yielded this link, which contains its code.
来源:https://stackoverflow.com/questions/5051195/how-to-utilize-keytool-programmatically