for - how to make jar file in java

Todavía estoy trabajando en la implementación, pero creo que es posible cargar el almacén de claves del contenedor a través de InputStream y configurar explícitamente el TrustStore programáticamente (frente a establecer las propiedades del sistema). Ver el artículo: Configurar múltiples truststore en la misma JVM

Lo tengo trabajando!

InputStream keystoreInput = Thread.currentThread().getContextClassLoader() .getResourceAsStream(<path in jar>/client.ks"); InputStream truststoreInput = Thread.currentThread().getContextClassLoader() .getResourceAsStream(<path in jar>/client.ts"); setSSLFactories(keystoreInput, "password", truststoreInput); keystoreInput.close(); truststoreInput.close(); private static void setSSLFactories(InputStream keyStream, String keyStorePassword, InputStream trustStream) throws Exception { // Get keyStore KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); // if your store is password protected then declare it (it can be null however) char[] keyPassword = keyStorePassword.toCharArray(); // load the stream to your store keyStore.load(keyStream, keyPassword); // initialize a trust manager factory with the trusted store KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFactory.init(keyStore, keyPassword); // get the trust managers from the factory KeyManager[] keyManagers = keyFactory.getKeyManagers(); // Now get trustStore KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); // if your store is password protected then declare it (it can be null however) //char[] trustPassword = password.toCharArray(); // load the stream to your store trustStore.load(trustStream, null); // initialize a trust manager factory with the trusted store TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustFactory.init(trustStore); // get the trust managers from the factory TrustManager[] trustManagers = trustFactory.getTrustManagers(); // initialize an ssl context to use these managers and set as default SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(keyManagers, trustManagers, null); SSLContext.setDefault(sslContext); }

Aquí hay una versión limpia de la respuesta del usuario2529737 , en caso de que ayude. Ha eliminado la configuración innecesaria del almacén de confianza y añadido las importaciones necesarias, los parámetros para el tipo de almacén de claves y la contraseña de la clave.

import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import java.io.BufferedReader; import java.io.InputStream; import java.io.InputStreamReader; import java.net.URL; import java.security.KeyStore; public class PlainJavaHTTPS2Test { public void setUp() throws Exception { final String KEYSTOREPATH = "clientkeystore.p12"; // or .jks // store password can be null if there is no password final char[] KEYSTOREPASS = "keystorepass".toCharArray(); // key password can be null if there is no password final char[] KEYPASS = "keypass".toCharArray(); try (InputStream storeStream = this.getClass().getResourceAsStream(KEYSTOREPATH)) { setSSLFactories(storeStream, "PKCS12", KEYSTOREPASS, KEYPASS); } } private static void setSSLFactories(InputStream keyStream, String keystoreType, char[] keyStorePassword, char[] keyPassword) throws Exception { KeyStore keyStore = KeyStore.getInstance(keystoreType); keyStore.load(keyStream, keyStorePassword); KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFactory.init(keyStore, keyPassword); KeyManager[] keyManagers = keyFactory.getKeyManagers(); SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(keyManagers, null, null); SSLContext.setDefault(sslContext); } }