资源简介
SSLSocket双向认证通信示例(含证书库及证书),自己编写的可使用的代码按钮,此代码中含将服务端证书及CA证书自动下载并导入到客户端证书库的功能。
代码片段和文件信息
package ssl_client;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.nio.charset.CharsetEncoder;
import java.nio.charset.spi.CharsetProvider;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
public class CertHelper {
public static boolean intallCert(String trustKeyStoreFilePath
String trustKeyStorePassword String targetHost int targetPort)
throws Exception {
char[] passphrase = trustKeyStorePassword.toCharArray();
File file = new File(trustKeyStoreFilePath);
if (!file.isFile()) {
char SEP = File.separatorChar;
File dir = new File(System.getProperty(“java.home“) + SEP + “lib“
+ SEP + “security“);
file = new File(dir “jssecacerts“);
if (file.isFile() == false) {
file = new File(dir “cacerts“);
}
}
System.out.println(“加载证书库[“ + file + “]...“);
InputStream in = new FileInputStream(file);
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(in passphrase);
in.close();
SSLContext context = SSLContext.getInstance(“TLS“);
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
X509TrustManager defaultTrustManager = (X509TrustManager) tmf
.getTrustManagers()[0];
SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
context.init(null new TrustManager[] { tm } null);
SSLSocketFactory factory = context.getSocketFactory();
System.out.println(“连接 “ + targetHost + “:“ + targetPort + “...“);
SSLSocket socket = (SSLSocket) factory.createSocket(targetHost
targetPort);
socket.setSoTimeout(10000);
try {
socket.startHandshake();
socket.close();
// System.out.println(“存在可信证书,handshake通信成功.“);
// return true;
} catch (Exception e) {
System.out.println(“handshake通信失败...“);
System.out.println(e);
}
X509Certificate[] chain = tm.chain;
if (chain == null) {
System.out.println(“不包含服务器证书链安装失败.“);
return false;
}
System.out.println();
System.out.println(String.format(“收到服务器发送的%d个证书.“ chain.length));
System.out.println();
for (int i = 1; i <= chain.length; i++) {
System.out.println(“安装第“ + i + “个数字证书...“);
X509Certificate cert = chain[i - 1];
String alias = targetHost + “-“ + (i);
ks.setCertificateEntry(alias cert);
OutputStream out = new FileOutputStream(trustKeyStoreFilePath);
ks.store(out passphrase);
out.close();
System.out.println(String.format(“成功安装证书[%s]至证书库[%s]“ alias
trustKeySto属性 大小 日期 时间 名称
----------- --------- ---------- ----- ----
目录 0 2016-06-02 10:58 ssl_client\
文件 301 2016-06-01 15:02 ssl_client\.classpath
文件 386 2016-06-01 15:02 ssl_client\.project
目录 0 2016-06-01 15:02 ssl_client\.settings\
文件 598 2016-06-01 15:02 ssl_client\.settings\org.eclipse.jdt.core.prefs
目录 0 2016-06-03 16:06 ssl_client\bin\
目录 0 2016-06-03 18:03 ssl_client\bin\ssl_client\
文件 1303 2016-06-03 17:51 ssl_client\bin\ssl_client\CertHelper$SavingTrustManager.class
文件 5341 2016-06-03 17:51 ssl_client\bin\ssl_client\CertHelper.class
文件 2098 2016-06-01 15:38 ssl_client\bin\ssl_client\sslClientKeysbyKeytool
目录 0 2016-06-03 16:06 ssl_client\bin\ssl_client_test\
文件 3789 2016-06-06 11:29 ssl_client\bin\ssl_client_test\SSLTestClient.class
文件 2919 2016-06-02 10:58 ssl_client\jssecacerts
目录 0 2016-06-03 16:02 ssl_client\src\
目录 0 2016-06-03 18:01 ssl_client\src\ssl_client\
文件 4137 2016-06-03 17:51 ssl_client\src\ssl_client\CertHelper.java
目录 0 2016-06-03 16:02 ssl_client\src\ssl_client_test\
文件 2340 2016-06-06 11:29 ssl_client\src\ssl_client_test\SSLTestClient.java
目录 0 2016-06-01 14:53 ssl_server\
文件 301 2016-06-01 14:53 ssl_server\.classpath
文件 386 2016-06-01 15:02 ssl_server\.project
目录 0 2016-06-01 14:53 ssl_server\.settings\
文件 598 2016-06-01 14:53 ssl_server\.settings\org.eclipse.jdt.core.prefs
目录 0 2016-06-03 18:03 ssl_server\bin\
目录 0 2016-06-06 09:29 ssl_server\bin\ssl_server_test\
文件 1242 2016-06-06 13:47 ssl_server\bin\ssl_server_test\SSLTestServer$SavingTrustManager.class
文件 3669 2016-06-06 13:47 ssl_server\bin\ssl_server_test\SSLTestServer.class
目录 0 2016-06-03 18:02 ssl_server\src\
目录 0 2016-06-03 16:00 ssl_server\src\ssl_server_test\
文件 3001 2016-06-06 13:47 ssl_server\src\ssl_server_test\SSLTestServer.java
文件 5107 2016-06-03 18:12 ejbcakclient.jks
............此处省略1个文件信息
- 上一篇:笔记本EC芯片逻辑介绍
- 下一篇:专题图制作的源代码,包括指北针,图例,比例尺
相关资源
- CoreUIVue是基于Bootstrap4的免费Vue管理模
- SpringBoot+H2+mybatis-plus59130
- 登录注册界面.zip48872
- 数字华容道
- SSM+Shiro+redis实现单点登陆
- jstl-api-1.2和jstl-impl-1.2
- 基于MVC模式的会员管理系统
- 国内一家大型软件公司内部的正规软
- 仿windows记事本
- GUI银行管理系统
- 超市收银系统eclipse access大学课程设计
- 模拟ATM柜员机系统--连接数据库
- A*算法的2D演示(带源码)
- 代码审查表和代码审查实例
- 仿126 网易 163 邮箱 界面
- Tomcat6.x
- 简单的行编辑器
- 扫雷(MVC架构)
- 302 Found
- window ping命令加时间并记录日志
- springboot+rabbitmq项目demo(亲测可正常运
- jxbrowser 所有版本通用的破解包
- 2017年-传智播客-张志君老师-SpringBoo
- Blob.js+Export2Excel.js
- 机会路由源代码+仿真工具(SCORP)
- POI中文帮助文档附带api手册.zip
- 2018双十一阿里供应链服务平台讲座
- 原银在线信贷平台概要设计说明书v
- office_word_api 开发文档
- sun.misc.Unsafe源码
川公网安备 51152502000135号
评论
共有 条评论