java安全套接层SSL示例

原文地址为:java安全套接层SSL示例

1.建立密钥库:

keytool -genkey -v -keyalg RSA -alias test -keystore sslkeystore
其中;-keyalg RSA表示密钥算法RSA,-alias test 表示别名test,-keystore sslkeystore 表示密钥库名为sslkeystore

2. 制作 证书文件:制作证书是从密钥库输出特定别名的证书,保存到证书文件test.cer中。

keytool -export -alias test -file test.cer -keystore sslkeystore

3.将证书文件test.cer导入自己的密钥库test:

keytool -import -alias test -file test.cer -keystore test

4.SSL服务端程序:

SSLServerExample.java

package com.cjq.save;

import java.io.IOException;
import java.io.PrintWriter;
import java.net.ServerSocket;
import java.net.Socket;

import javax.net.ssl.SSLServerSocketFactory;

//SSL服务器端程序
public class SSLServerExample {

	public static void main(String[] args) throws IOException{
		System.setProperty("javax.net.ssl.keyStore","sslkeystore");
		System.setProperty("javax.net.ssl.keyStorePassword", "123456");
		//创建SSLServerSocketFactory类对象。利用getDefault()方法建立一个强制转换成的SSLServerSocketFactory类对象
		SSLServerSocketFactory sslsf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
		//建立服务器套接口ServerSocket类对象,其端口8080
		ServerSocket ss = sslsf.createServerSocket(8080);
		System.out.println("Waiting for connection...");
		
		while(true){
			Socket  s= ss.accept();
			System.out.println("Client connection made");
			//
			PrintWriter out = new PrintWriter(s.getOutputStream());
			out.println("HI");
			System.out.println("HI is sent to client");
			
			
			out.close();
			s.close();
		}
	}

}

5.SSL客户端程序:

SSLClientExample.java:

package com.cjq.save;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.Socket;

import javax.net.ssl.SSLSocketFactory;

//SSL客户端程序
public class SSLClientExample {

	public static void main(String[] args) throws IOException{
		//
		System.setProperty("javax.net.ssl.trustStore", "test");
		System.setProperty("javax.net.ssl.keyStorePassword", "123456");
		SSLSocketFactory sslsf = (SSLSocketFactory)SSLSocketFactory.getDefault();
		
		Socket s = sslsf.createSocket("127.0.0.1",8080);
		System.out.println("the connection is ok");
		
		BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()));
		
		System.out.println(in.readLine());
		
		in.close();
		s.close();
		
		System.out.println("the connection is close");
	}

}

6.运行程序:

cmd窗口运行,且程序中System.setProperty(..,...)的代码是不存在的时候:

java  -Djavax.net.ssl.keyStore=sslkeystore -Djava.net.ssl.keyStorePassword=123456 SSLClientExample

则会出现错误:

Exception in thread "main" java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
	at javax.net.ssl.DefaultSSLServerSocketFactory.throwException(Unknown Source)
	at javax.net.ssl.DefaultSSLServerSocketFactory.createServerSocket(Unknown Source)
	at com.cjq.save.SSLServerExample.main(SSLServerExample.java:16)
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
	at java.security.Provider$Service.newInstance(Unknown Source)
	at sun.security.jca.GetInstance.getInstance(Unknown Source)
	at sun.security.jca.GetInstance.getInstance(Unknown Source)
	at javax.net.ssl.SSLContext.getInstance(Unknown Source)
	at javax.net.ssl.SSLContext.getDefault(Unknown Source)
	at javax.net.ssl.SSLServerSocketFactory.getDefault(Unknown Source)
	at com.cjq.save.SSLServerExample.main(SSLServerExample.java:14)
Caused by: java.security.UnrecoverableKeyException: Password must not be null
	at sun.security.provider.JavaKeyStore.engineGetKey(Unknown Source)
	at sun.security.provider.JavaKeyStore$JKS.engineGetKey(Unknown Source)
	at java.security.KeyStore.getKey(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(Unknown Source)
	at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(Unknown Source)
	at javax.net.ssl.KeyManagerFactory.init(Unknown Source)
	at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultKeyManager(Unknown Source)
	at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.<init>(Unknown Source)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
	at java.lang.reflect.Constructor.newInstance(Unknown Source)
	at java.lang.Class.newInstance0(Unknown Source)
	at java.lang.Class.newInstance(Unknown Source)
	... 7 more

原因是密码为空,但实际上参数中有“-Djava.net.ssl.keyStorePassword=123456”这个,密码不应该为空, 却报空, 目前不解。

但将java 之后两个参数写在程序中:

		System.setProperty("javax.net.ssl.keyStore","sslkeystore");
		System.setProperty("javax.net.ssl.keyStorePassword", "123456");
则正常运行。







转载请注明本文地址:java安全套接层SSL示例
阅读更多

没有更多推荐了,返回首页