package com.ethan.security;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.ServerSocket;
import java.net.Socket;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
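/**
 * Minimal SSL/TLS (Secure Sockets Layer) demo server.
 *
 * <p>The server presents its certificate to the client during the handshake; the client
 * inspects that certificate and has to obtain and store it in its own trust store before
 * the connection is accepted as trusted.
 *
 * @author ETHAN
 */
public class ServerSocketTest {

    /**
     * Listens on port 9999 over TLS and answers up to 15 connections, one thread per connection.
     *
     * <p>Notes carried over from the original comment:
     * <ul>
     *   <li>The plain-socket variant (commented out in the original) could be tried with
     *       http://localhost:9999/portal/a.html or {@code telnet localhost 9999}: type any
     *       character and look at the reply. With TLS enabled, use
     *       https://localhost:9999/portal/a.html in a browser instead.</li>
     *   <li>{@code user.home} is the user's home directory, e.g. C:\Users\ETHAN; the key store
     *       is expected at {@code <user.home>/.keystore}.</li>
     *   <li>The certificate's name (CN) has to be the host name clients connect to, otherwise
     *       it will not match.</li>
     *   <li>A self-signed certificate is reported as untrusted by the browser; it can be
     *       installed manually. Do that only for a local test certificate.</li>
     * </ul>
     *
     * <p>Key pair generation as shown in the original (keytool prompts translated):
     * <pre>
     * c:\jdk6\bin&gt;keytool -genkeypair -alias abc -storepass 123456
     * What is your first and last name?            [Unknown]: localhost  (the host name / domain)
     * What is the name of your organizational unit? [Unknown]: henu
     * What is the name of your organization?        [Unknown]: henu
     * What is the name of your City or Locality?    [Unknown]: kaifeng
     * What is the name of your State or Province?   [Unknown]: henan
     * What is the two-letter country code?          [Unknown]: cn
     * Is CN=localhost, OU=henu, O=henu, L=kaifeng, ST=henan, C=cn correct?  [no]: y
     *
     * c:\jdk6\bin&gt;keytool -delete -alias ethan1     (removes an entry again)
     * </pre>
     *
     * <p>The store password {@code 123456} is a demo value. The key store location and password
     * are only defaulted here when the corresponding {@code javax.net.ssl.*} system property has
     * not been supplied, so a real deployment can pass its own values without editing the source.
     *
     * @param args unused
     * @throws Exception if the key store cannot be loaded or the listening socket fails
     */
    public static void main(String[] args) throws Exception {
        // Default the key store to <user.home>/.keystore unless the caller already chose one.
        String home = System.getProperty("user.home");
        if (System.getProperty("javax.net.ssl.keyStore") == null) {
            System.setProperty("javax.net.ssl.keyStore", home + "/.keystore");
        }
        if (System.getProperty("javax.net.ssl.keyStorePassword") == null) {
            // Demo-only password matching the keytool command in the Javadoc; do not reuse it
            // for a key store that protects a real private key.
            System.setProperty("javax.net.ssl.keyStorePassword", "123456");
        }

        // The default factory reads the server certificate and key from the key store above.
        // Protocol versions and cipher suites are left at whatever the running JDK enables by
        // default; nothing is restricted here.
        SSLServerSocketFactory factory =
                (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        final SSLServerSocket ss = (SSLServerSocket) factory.createServerSocket(9999);
        try {
            // Serve at most 15 connections, then stop accepting.
            for (int i = 0; i < 15; i++) {
                // final so the anonymous inner class below can capture it.
                final Socket socket = ss.accept();
                System.out.println(socket.getInetAddress());
                new Thread() {
                    @Override
                    public void run() {
                        handle(socket);
                    }
                }.start();
            }
        } finally {
            // Closing the listener does not affect sockets that were already accepted.
            ss.close();
        }
    }

    /** Reads one chunk from the client, prints it, replies, and always closes the socket. */
    private static void handle(Socket socket) {
        try {
            OutputStream ops = socket.getOutputStream();
            InputStream ips = socket.getInputStream();
            byte[] buf = new byte[1024];
            // NOTE: no read timeout is set, so an idle client keeps this thread blocked until
            // it sends data or disconnects.
            int len = ips.read(buf);
            if (len < 0) {
                // Peer closed the connection without sending anything; read() returned -1 and
                // new String(buf, 0, -1) would throw.
                return;
            }
            // Explicit charset so the output does not depend on the platform default.
            System.out.println(new String(buf, 0, len, "UTF-8"));
            ops.write("welcome nba".getBytes("UTF-8"));
            ops.flush();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // Closing the socket also closes its input and output streams, and cannot hit a
            // null reference the way closing the individual streams could.
            try {
                socket.close();
            } catch (Exception ignored) {
                // Best-effort close; nothing useful can be done at this point.
            }
        }
    }
}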
客户端:
package com.ethan.security;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import javax.net.ssl.SSLSocketFactory;
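public class SocketTest {

    /**
     * SSL/TLS client for the demo server on {@code localhost:9999}.
     *
     * <p>Notes carried over from the original comment:
     * <ul>
     *   <li>The client needs a trust store containing the server's certificate. Obtain the
     *       certificate and import it into c:\jdk6\jre\lib\security\cacerts (adjusting the
     *       Eclipse default configuration as needed).</li>
     *   <li>If no trust store is specified, the Java program falls back to
     *       c:\jdk6\jre\lib\security\cacerts.</li>
     *   <li>The system property {@code javax.net.ssl.trustStore} names the trust store file
     *       to use instead.</li>
     *   <li>When connecting, the client looks for a trusted certificate. There are two sets of
     *       certificates: one's own (key store) and those of others one trusts (trust store).</li>
     * </ul>
     *
     * <p>Importing a self-signed test certificate into the JRE-wide {@code cacerts} makes every
     * program running on that JRE trust it; pointing {@code javax.net.ssl.trustStore} at a
     * dedicated file limits the trust to this program.
     *
     * <p>A socket from {@link SSLSocketFactory} validates the certificate chain but does not
     * compare the certificate's name with the host it connected to unless endpoint
     * identification is switched on, so this method enables it (requires Java 7 or later).
     *
     * @param args unused
     * @throws Exception if the connection cannot be established
     */
    public static void main(String[] args) throws Exception {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        javax.net.ssl.SSLSocket socket =
                (javax.net.ssl.SSLSocket) factory.createSocket("localhost", 9999);
        try {
            // Require the server certificate to match "localhost"; the handshake (triggered by
            // the first write below) fails otherwise.
            javax.net.ssl.SSLParameters params = socket.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);

            OutputStream ops = socket.getOutputStream();
            InputStream ips = socket.getInputStream();
            // Explicit charset so both ends agree regardless of the platform default.
            ops.write("welcome nba".getBytes("UTF-8"));
            ops.flush();

            byte[] buf = new byte[1024];
            int len = ips.read(buf);
            if (len >= 0) {
                // read() returns -1 when the server closes without replying; skip printing
                // then, since new String(buf, 0, -1) would throw.
                System.out.println(new String(buf, 0, len, "UTF-8"));
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // Closing the socket also closes its streams and avoids calling close() on a
            // stream reference that was never assigned.
            try {
                socket.close();
            } catch (Exception ignored) {
                // Best-effort close.
            }
        }
    }
}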
错误粗浅之处,请多多指教!