java keytool生成证书,使用JDK中提供的keytool生成SSL证书

我在Web应用程序中使用的密钥库文件上周过期。我很久以前就创造了它。所以我开始使用keytool生成新的证书。我使用此证书连接事务服务器和Web服务器。我想为这个申请使用自签名证书。我使用以下命令生成事务服务器的自签名密钥。

keytool -genkey -keystore keys/SvrKeyStore -keyalg rsa -validity 365 -alias Svr -storepass 123456 -keypass abcdefg -dname "CN=One1, OU=Development1, O=One, L=Bamba, S=Western Prov1, C=S1"

按照命令为Web应用程序生成密钥库

keytool -genkey -keystore keys/ClientKeyStore -keyalg rsa -validity 365 -alias Web -storepass 123456 -keypass abcdefg -dname "CN=One, OU=Development, O=One, L=Bamba, S=Western Prov, C=SL"

我在事务服务器中使用了以下代码来创建套接字连接

String KEYSTORE = Config.KEYSTORE_FILE;//SvrKeyStore keystore file

char[] KEYSTOREPW = "123456".toCharArray();

char[] KEYPW = "abcdefg".toCharArray();

com.sun.net.ssl.TrustManagerFactory tmf;

boolean requireClientAuthentication;

java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.

Provider());

java.security.KeyStore keystore = java.security.KeyStore.getInstance(

"JKS");

keystore.load(new FileInputStream(KEYSTORE), KEYSTOREPW);

com.sun.net.ssl.KeyManagerFactory kmf = com.sun.net.ssl.

KeyManagerFactory.getInstance("SunX509");

kmf.init(keystore, KEYPW);

com.sun.net.ssl.SSLContext sslc = com.sun.net.ssl.SSLContext.

getInstance("SSLv3");

tmf = com.sun.net.ssl.TrustManagerFactory.getInstance("sunx509");

tmf.init(keystore);

sslc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

SSLServerSocketFactory ssf = sslc.getServerSocketFactory();

SSLServerSocket ssocket = (SSLServerSocket) ssf.createServerSocket(port);

ssocket.setNeedClientAuth(true);

但当我在应用程序中使用它并尝试通过Web服务器连接到事务服务器时,它给出了以下异常

javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHands

hakeException: java.security.cert.CertificateException: Untrusted Server Certifi

cate Chain

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.jav

a:1172)

at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:

65)

at net.schubart.fixme.internal.MessageInput.readExactly(MessageInput.jav

a:166)

at net.schubart.fixme.internal.MessageInput.readMessage(MessageInput.jav

a:78)

at cc.aot.itsWeb.ClientWriterThread.run(ClientWriterThread.java:241)

at java.lang.Thread.run(Thread.java:619)

Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateEx

ception: Untrusted Server Certificate Chain

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1

520)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien

tHandshaker.java:975)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa

ndshaker.java:123)

at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5

11)

at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav

a:449)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j

ava:817)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS

LSocketImpl.java:1029)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.

java:621)

at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.ja

va:59)

at java.io.OutputStream.write(OutputStream.java:58)

请问哪里有问题

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值