我已经读过,可以在不竞争握手的情况下获取证书数据。这是减少时间的理想选择。下面的代码用于获取证书信息,但代码完成了ssl hanndshake。如果任何网络编程专家可以告诉我如何在不完成ssl握手的情况下获取远程主机的证书信息?
package com.kushal.security;
import java.security.cert.Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
public class JavaSSLCertificate {
public static void main(String[] argv) throws Exception {
int port = 443;
String hostname = "gmail.com";
SSLSocketFactory factory = HttpsURLConnection
.getDefaultSSLSocketFactory();
System.out.println("Creating a SSL Socket For "+hostname+" on port "+port);
SSLSocket socket = (SSLSocket) factory.createSocket(hostname, port);
socket.startHandshake();
System.out.println("Handshaking Complete");
Certificate[] serverCerts = socket.getSession().getPeerCertificates();
System.out.println("Retreived Server's Certificate Chain");
System.out.println(serverCerts.length + "Certifcates Found\n\n\n");
for (int i = 0; i < serverCerts.length; i++) {
Certificate myCert = serverCerts[i];
System.out.println("====Certificate:" + (i+1) + "====");
System.out.println("-Public Key-\n" + myCert.getPublicKey());
System.out.println("-Certificate Type-\n " + myCert.getType());
System.out.println();
}
socket.close();
}
}
答案 0 :(得分:-1)
证书交换是握手的一部分。我不知道你在哪里读到你可以在不等待握手的情况下获得证书,但事实并非如此,至少在JSSE中。它对我来说甚至没有意义。