java https 服务,简单的Java HTTPS服务器

I need to setup a really lightweight HTTPS server for a Java application. It's a simulator that's being used in our development labs to simulate the HTTPS connections accepted by a piece of equipment in the wild. Because it's purely a lightweight development tool and isn't used in production in any way at all I'm quite happy to bypass certifications and as much negotiation as I can.

I'm planning on using the HttpsServer class in Java 6 SE but I'm struggling to get it working. As a test client I'm using wget from the cygwin command line (wget https://[address]:[port]) but wget reports that it was "Unable to establish SSL connection".

If I run wget with the -d option for debugging it tells me "SSL handshake failed".

I've spent 30 minutes googling this and everything seems to just point back to the fairly useless Java6 documentation that describes the methods but doesn't actually talk about how to get the darn thing talking or provide any example code at all.

Can anyone nudge me in the right direction?

解决方案

What I eventually used was this:

try

{

// setup the socket address

InetSocketAddress address = new InetSocketAddress ( InetAddress.getLocalHost (), config.getHttpsPort () );

// initialise the HTTPS server

HttpsServer httpsServer = HttpsServer.create ( address, 0 );

SSLContext sslContext = SSLContext.getInstance ( "TLS" );

// initialise the keystore

char[] password = "simulator".toCharArray ();

KeyStore ks = KeyStore.getInstance ( "JKS" );

FileInputStream fis = new FileInputStream ( "lig.keystore" );

ks.load ( fis, password );

// setup the key manager factory

KeyManagerFactory kmf = KeyManagerFactory.getInstance ( "SunX509" );

kmf.init ( ks, password );

// setup the trust manager factory

TrustManagerFactory tmf = TrustManagerFactory.getInstance ( "SunX509" );

tmf.init ( ks );

// setup the HTTPS context and parameters

sslContext.init ( kmf.getKeyManagers (), tmf.getTrustManagers (), null );

httpsServer.setHttpsConfigurator ( new HttpsConfigurator( sslContext )

{

public void configure ( HttpsParameters params )

{

try

{

// initialise the SSL context

SSLContext c = SSLContext.getDefault ();

SSLEngine engine = c.createSSLEngine ();

params.setNeedClientAuth ( false );

params.setCipherSuites ( engine.getEnabledCipherSuites () );

params.setProtocols ( engine.getEnabledProtocols () );

// get the default parameters

SSLParameters defaultSSLParameters = c.getDefaultSSLParameters ();

params.setSSLParameters ( defaultSSLParameters );

}

catch ( Exception ex )

{

ILogger log = new LoggerFactory ().getLogger ();

log.exception ( ex );

log.error ( "Failed to create HTTPS port" );

}

}

} );

LigServer server = new LigServer ( httpsServer );

joinableThreadList.add ( server.getJoinableThread () );

}

catch ( Exception exception )

{

log.exception ( exception );

log.error ( "Failed to create HTTPS server on port " + config.getHttpsPort () + " of localhost" );

}

To generate a keystore:

$ keytool -genkey -alias alias -keypass simulator \

-keystore lig.keystore -storepass simulator

See also here.

Potentially storepass and keypass might be different, in which case the ks.load and kmf.init must use storepass and keypass, respectively.