This web page has links to Java code that demonstrates how to build a basic SSL client server that uses the Apache Thrift SSL classes (from Thrift 0.9.0).
This code is just reference code and doesn't do anything more than send a string from the client to the server.
Apache Thrift allows communication objects, with marshaling and unmarshaling, to be built via an abstract defintion and compiled for a variety of languages (including Java and Python). Using SSL with Thrift can be a bit obscure.
This code is based on Buddhika Chamith's code, which I gratefully acknowledge.
|
To generate the key the SSL Keys for SSL communication in Java |
keytool -genkeypair -alias certificatekey -keyalg RSA -validity 7 -keystore keystore.jks Give a suitable password and answers to the prompts. After that it will create the key store keystore.jks containing generated private/ public key pair. keytool -export -alias certificatekey -keystore keystore.jks -rfc -file cert.cer Export the certificate (cret.cer) containing the public key from the key store using following command. keytool -export -alias certificatekey -keystore keystore.jks -rfc -file cert.cer Create trust store Now let's create the trust store (truststore.jks) and import the certificate to it. This can be done using single command line as given below. keytool -import -alias certificatekey -file cert.cer -keystore truststore.jks Again give a password and say yes to the prompt asking whether to trust this certificate. Now the certificate setup is complete. Let's create the secure Thrift server and client to consume it.
From: Buddhika Chamith's blog |