如何解决如何找出预先为AWS Lambda安装了哪些受信任的CA?
对于我的AWS Lambda,我需要知道那里有哪些受信任的CA。我想要一个CA的列表,以便lambda尝试达到的服务可以信任它而无需安装任何新证书。
解决方法
您可以发现自己:
public class PrintCAInfo implements RequestStreamHandler {
public void handleRequest(InputStream inputStream,OutputStream outputStream,Context context) throws IOException {
LambdaLogger logger = context.getLogger();
StringBuilder stringBuilder = new StringBuilder("[");
try {
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
for( TrustManager trustManager: trustManagerFactory.getTrustManagers()) {
X509TrustManager x509TrustManager = (X509TrustManager)trustManager;
for(X509Certificate x509Certificate: x509TrustManager.getAcceptedIssuers() ) {
stringBuilder.append("{");
stringBuilder.append("\"subjectDN\":\"");
stringBuilder.append(x509Certificate.getSubjectDN().toString().replaceAll("\"",""));
stringBuilder.append("\"},");
}
}
} catch (NoSuchAlgorithmException | KeyStoreException e) {
e.printStackTrace();
}
stringBuilder = new StringBuilder(stringBuilder.substring(0,stringBuilder.length() - 1));
stringBuilder.append("]");
OutputStreamWriter writer = new OutputStreamWriter(outputStream,StandardCharsets.UTF_8);
writer.write(stringBuilder.toString());
logger.log(stringBuilder.toString());
writer.close();
}
}
这将返回(并记录)一个非常简单的JSON正文:
[
{
"subjectDN": "CN=Amazon RDS eu-south-1 CA,OU=Amazon RDS,O=Amazon Web Services,Inc.,L=Seattle,ST=Washington,C=US"
},{
"subjectDN": "CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK"
},{
"subjectDN": "CN=SecureTrust CA,O=SecureTrust Corporation,{
"subjectDN": "CN=Entrust Root Certification Authority - EC1,OU=(c) 2012 Entrust,Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust,{
"subjectDN": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,{
"subjectDN": "OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP"
},
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。