2011/03/04

Connect to a self-signed HTTPS server in Java/Groovy

We first need to add the site's certificate to a keystore;
the command is keytool -importcert -trustcacerts -file CA_CERT_FILE.

In the example below, I try to read from the HTTPS server on localhost using Groovy.


import java.security.KeyStore
import javax.net.ssl.SSLContext
import javax.net.ssl.TrustManagerFactory
import java.net.URL

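// Load the keystore that contains the imported self-signed certificate
keyfile = new FileInputStream('localhost.keystore')
keypass = 'password'
keystore = KeyStore.getInstance(KeyStore.getDefaultType())
keystore.load(keyfile, keypass.toCharArray())
keyfile.close()

// Build trust managers that trust only the certificates in that keystore
trusted = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
trusted.init(keystore)

// 'TLS' is the current protocol family name; 'SSL' is the legacy alias
ssl = SSLContext.getInstance('TLS')
ssl.init(null, trusted.getTrustManagers(), null)
// Replaces the default context for every HTTPS connection in this JVM
SSLContext.setDefault(ssl)

cn = 'AMG' // CN of the self-signed certificate, usually the server's hostname
uri = new URL("https://${cn}")
conn = uri.openConnection()

// Read the whole response body as text
input = conn.getInputStream()
reader = new BufferedReader(new InputStreamReader(input))
content = reader.getText()

println content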
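
SSLContext.setDefault() in the script above changes trust for the whole JVM, so every other HTTPS connection then trusts only what is in localhost.keystore. The following is an added example, not part of the original post, that applies the same keystore to a single connection instead; the helper names contextFor and fetch are hypothetical, and it assumes the same localhost.keystore file, password and AMG host as above.

```groovy
import java.security.KeyStore
import javax.net.ssl.HttpsURLConnection
import javax.net.ssl.SSLContext
import javax.net.ssl.TrustManagerFactory

// Build an SSLContext that trusts only the certificates in the given keystore.
// (contextFor is a hypothetical helper name for this example.)
SSLContext contextFor(String path, String password) {
    def keystore = KeyStore.getInstance(KeyStore.getDefaultType())
    // withInputStream closes the file even if load() throws
    new File(path).withInputStream { keystore.load(it, password.toCharArray()) }

    def tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
    tmf.init(keystore)

    def ctx = SSLContext.getInstance('TLS')
    ctx.init(null, tmf.getTrustManagers(), null)
    return ctx
}

// Fetch a URL with the custom trust applied to this one connection only.
// The JVM-wide default context is left untouched, and the default
// hostname verifier still checks the certificate against the URL's host.
String fetch(String url, SSLContext ctx) {
    def conn = (HttpsURLConnection) new URL(url).openConnection()
    conn.setSSLSocketFactory(ctx.getSocketFactory())
    conn.setConnectTimeout(5000)
    conn.setReadTimeout(5000)
    try {
        // withReader closes the stream when the closure returns
        return conn.getInputStream().withReader('UTF-8') { it.getText() }
    } finally {
        conn.disconnect()
    }
}

def ctx = contextFor('localhost.keystore', 'password')
println fetch('https://AMG', ctx)
```

If the connection fails with a hostname mismatch, the certificate's CN or subject alternative name does not match the host in the URL; reissue the certificate rather than disabling hostname verification.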