public static void main(String[] args) throws Exception {
ContextProvider.onStart();
File keyFile = new File("/out/my.key");
File crtFile = new File("/out/my.crt");
EventLoopGroup bossGroup = new NioEventLoopGroup(); // (1)
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
/** 使用已有的证书 */
final SslContext ctx = SslContextBuilder.forServer(crtFile,
keyFile, "123456").build();
ServerBootstrap b = new ServerBootstrap(); // (2)
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class) // (3)
.childHandler(new ChannelInitializer<SocketChannel>() { // (4)
@Override
public void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline pipe = ch.pipeline();
if (ch.localAddress().getPort() == 443) {
pipe.addLast(ctx.newHandler(ch.alloc()));
}
pipe.addLast(new RtspDecoder()).addLast(new RTSPHandler());
pipe.addLast(new ReadTimeoutHandler(30));
}
})
.option(ChannelOption.SO_BACKLOG, 128) // (5)
.childOption(ChannelOption.SO_KEEPALIVE, true); // (6)
List<ChannelFuture> futures = new ArrayList<>();
futures.add(b.bind(80));
futures.add(b.bind(443));
for (ChannelFuture f : futures) {
f.channel().closeFuture().sync();
}
} catch (Exception ex) {
logger.error("start netty failed, ", ex);
} finally {
workerGroup.shutdownGracefully();
bossGroup.shutdownGracefully();
}
}
结果报错
java.lang.IllegalArgumentException: File does not contain valid private key: \out\my.key
at io.netty.handler.ssl.SslContextBuilder.keyManager(SslContextBuilder.java:270) ~[netty-all-4.1.32.Final.jar:4.1.32.Final]
at io.netty.handler.ssl.SslContextBuilder.forServer(SslContextBuilder.java:90) ~[netty-all-4.1.32.Final.jar:4.1.32.Final]
at com.eques.eqhome.Main.Main.main(Main.java:153) [classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_151]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_151]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_151]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_151]
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:294) [exec-maven-plugin-1.5.0.jar:?]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_151]
Caused by: java.security.KeyException: could not find a PKCS #8 private key in input stream (see http://netty.io/wiki/sslcontextbuilder-and-private-key.html for more information)
at io.netty.handler.ssl.PemReader.readPrivateKey(PemReader.java:128) ~[netty-all-4.1.32.Final.jar:4.1.32.Final]
at io.netty.handler.ssl.PemReader.readPrivateKey(PemReader.java:109) ~[netty-all-4.1.32.Final.jar:4.1.32.Final]
at io.netty.handler.ssl.SslContext.toPrivateKey(SslContext.java:1015) ~[netty-all-4.1.32.Final.jar:4.1.32.Final]
at io.netty.handler.ssl.SslContextBuilder.keyManager(SslContextBuilder.java:268) ~[netty-all-4.1.32.Final.jar:4.1.32.Final]
... 8 more
因为netty4不支持pkcs12格式的私钥, 所以需要将私钥转换成pkcs8格式. 见
https://blog.csdn.net/wzj_whut/article/details/85715347#pkcs12pkcs8_50
openssl pkcs8 -in my.key -topk8 -out my.pk8