可以通过 System.setProperty("javax.net.ssl.keyStore", "d:\\test.keys"); 设置证书。
package org.sl.bean;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.ConnectException;
import java.net.UnknownHostException;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.log4j.Logger;
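/**
 * Opens client-side TLS sockets authenticated with a JKS keystore and offers
 * a fire-and-forget {@code send} helper on top of them.
 *
 * <p>The same keystore file supplies both the client's own key material and
 * the set of trusted certificates (see {@link #initSession()}).
 *
 * <p>NOTE(security): the sockets created here validate the server's
 * certificate chain against the keystore, but no endpoint identification
 * algorithm is configured, so JSSE does not compare the certificate with the
 * host the socket connected to. If the keystore trusts a CA rather than a
 * single pinned server certificate, callers should enable host name checking
 * on the returned socket via
 * {@code SSLParameters.setEndpointIdentificationAlgorithm("HTTPS")} before
 * the first read or write.
 *
 * <p>Instances are not synchronized; confine one to a single thread or guard
 * it externally.
 */
public class SSLClientFactory {
    public static final String ENCODING = "UTF-8";
    private static final Logger logger = Logger.getLogger(SSLClientFactory.class);

    /** A connection is attempted once, then retried up to this many times. */
    private static final int MAX_RETRIES = 30;
    /** Pause between two connection attempts, in milliseconds. */
    private static final long RETRY_DELAY_MS = 10000L;

    private String serverIp = null;
    private int serverPort = 0;
    private String keyFile = null;
    private SSLSocketFactory sslClientFactory = null;
    private char[] passwd = null;
    // True once sslClientFactory has been built from the current keyFile/passwd.
    private boolean initSession = false;

    /**
     * Creates a factory whose no-argument {@link #createClient()} and the
     * {@code send} methods connect to the given server.
     *
     * @param serverIp   host name or address of the server
     * @param serverPort TCP port of the server
     */
    public SSLClientFactory(String serverIp, int serverPort) {
        this.serverIp = serverIp;
        this.serverPort = serverPort;
    }

    /**
     * Creates a factory without a default server; use
     * {@link #createClient(String, int)} to choose the peer per call.
     */
    public SSLClientFactory() {
    }

    /**
     * Encodes {@code msg} as {@link #ENCODING} and sends it over a new TLS
     * connection to the default server.
     *
     * @param msg text to send; {@code null} is rejected and reported as a failure
     * @return {@code true} if the bytes were written, {@code false} otherwise
     */
    public boolean send(String msg) {
        if (msg == null) {
            // Keep the boolean contract instead of leaking a NullPointerException.
            logger.error("send(String) called with a null message");
            return false;
        }
        try {
            return send(msg.getBytes(ENCODING));
        } catch (UnsupportedEncodingException ex) {
            logger.error(ex.getMessage(), ex);
            return false;
        }
    }

    /**
     * Opens a TLS connection to the default server, writes {@code msg} and
     * closes the connection again.
     *
     * <p>Every failure (connection, handshake, keystore initialisation, a
     * {@code null} payload) is logged and reported through the return value.
     *
     * @param msg bytes to send
     * @return {@code true} if the bytes were written, {@code false} otherwise
     */
    public boolean send(byte[] msg) {
        boolean success = false;
        SSLSocket client = null;
        try {
            client = createClient();
            OutputStream out = client.getOutputStream();
            out.write(msg);
            // Push the data out before the socket is closed in the finally block.
            out.flush();
            success = true;
        } catch (Exception ex) {
            logger.error(ex.getMessage(), ex);
        } finally {
            if (client != null) {
                try {
                    client.close();
                } catch (Exception closeFailure) {
                    // Best effort: the outcome of the send is already decided.
                    logger.debug("Failed to close SSL socket", closeFailure);
                }
            }
        }
        logger.debug("发送信息成功?" + success);
        return success;
    }

    /**
     * Connects to the server given at construction time.
     *
     * @return a connected socket; the caller is responsible for closing it
     * @throws UnknownHostException if the host cannot be resolved
     * @throws IOException          if no connection could be established
     * @see #createClient(String, int)
     */
    public SSLSocket createClient() throws UnknownHostException, IOException {
        return createClient(serverIp, serverPort);
    }

    /**
     * Connects to {@code serverIp:serverPort}, initialising the SSL context on
     * first use and retrying refused connections.
     *
     * <p>Only {@link ConnectException} is retried (up to {@code MAX_RETRIES}
     * times, {@code RETRY_DELAY_MS} apart); any other I/O failure propagates
     * immediately. With the current constants a persistently refused
     * connection blocks the calling thread for about five minutes.
     *
     * <p>No host name verification is configured on the returned socket; see
     * the class documentation.
     *
     * @param serverIp   host name or address to connect to
     * @param serverPort TCP port to connect to
     * @return a connected socket; the caller is responsible for closing it
     * @throws UnknownHostException if the host cannot be resolved
     * @throws IOException          if all attempts were refused, or the thread
     *                              was interrupted while waiting to retry
     *                              (reported as {@code InterruptedIOException})
     * @throws RuntimeException     if the keystore could not be loaded
     */
    public SSLSocket createClient(String serverIp, int serverPort)
            throws UnknownHostException, IOException {
        if (!initSession) {
            initSession();
        }
        ConnectException lastFailure = null;
        for (int attempt = 1;; attempt++) {
            SSLSocket client = null;
            try {
                client = (SSLSocket) sslClientFactory.createSocket(serverIp, serverPort);
                // Allow this socket to establish a new SSL session; when false,
                // only an already existing session may be resumed.
                client.setEnableSessionCreation(true);
                if (client.isConnected()) {
                    logger.debug("已连接到" + serverIp + ":" + serverPort);
                    return client;
                }
            } catch (ConnectException ce) {
                lastFailure = ce;
                logger.debug("连接失败", ce);
            }
            if (client != null) {
                // Created but not connected: release it before the next attempt.
                try {
                    client.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done with a failed close here.
                }
            }
            if (attempt > MAX_RETRIES) {
                IOException failure =
                        new IOException("连接" + serverIp + ":" + serverPort + "失败.");
                if (lastFailure != null) {
                    failure.initCause(lastFailure);
                }
                throw failure;
            }
            try {
                Thread.sleep(RETRY_DELAY_MS);
            } catch (InterruptedException e) {
                // Honour the interruption instead of silently retrying.
                Thread.currentThread().interrupt();
                java.io.InterruptedIOException aborted = new java.io.InterruptedIOException(
                        "Interrupted while waiting to retry connection to "
                                + serverIp + ":" + serverPort);
                aborted.initCause(e);
                throw aborted;
            }
            logger.debug("重试(" + attempt + ")...");
        }
    }

    /**
     * Builds the socket factory from the configured JKS keystore.
     *
     * <p>The keystore is used twice: its private key entries identify this
     * client, and its certificate entries are the only trust anchors accepted
     * for the server.
     *
     * @throws IllegalStateException if no keystore file has been configured
     * @throws RuntimeException      wrapping any keystore, I/O or JSSE failure
     */
    private void initSession() {
        if (keyFile == null) {
            initSession = false;
            throw new IllegalStateException("keyFile has not been set; call setKeyFile first");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            InputStream fileIn = new FileInputStream(keyFile);
            try {
                keyStore.load(fileIn, passwd);
            } finally {
                // Close on the failure path too, so a bad password or a corrupt
                // file does not leak the file handle.
                try {
                    fileIn.close();
                } catch (IOException ignored) {
                    // The keystore content has already been read or rejected.
                }
            }

            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(keyStore, passwd);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();

            SSLContext sslContext = SSLContext.getInstance("TLS");
            // A null SecureRandom lets JSSE pick its default source.
            sslContext.init(keyManagers, trustManagers, null);
            sslClientFactory = (SSLSocketFactory) sslContext.getSocketFactory();
            initSession = true;
        } catch (Exception ex) {
            initSession = false;
            throw new RuntimeException(ex);
        }
    }

    /**
     * Sets the password used for both the keystore and its private keys.
     *
     * <p>The SSL context is rebuilt on the next connection so the new value
     * takes effect.
     *
     * @param passwd keystore password; must not be {@code null}
     * @throws NullPointerException if {@code passwd} is {@code null}
     */
    public void setPasswd(String passwd) {
        this.passwd = passwd.toCharArray();
        // Force re-initialisation; otherwise a cached context would keep using
        // the previous credentials.
        this.initSession = false;
    }

    /**
     * Sets the path of the JKS keystore file.
     *
     * <p>The SSL context is rebuilt on the next connection so the new file
     * takes effect.
     *
     * @param keyFile file system path of the keystore
     */
    public void setKeyFile(String keyFile) {
        this.keyFile = keyFile;
        // Force re-initialisation; otherwise a cached context would keep using
        // the previous keystore.
        this.initSession = false;
    }
}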