我试图在Java中创建安全连接。为此,我创建了以下服务器和客户端
服务器:
public static void main(String[] args){
try {
// relative keystorepath
String certificateChain = "keystore";
String password = "***";
System.setProperty("javax.net.ssl.keyStore", certificateChain);
System.setProperty("javax.net.ssl.keyStorePassword", password);
SSLServerSocketFactory sslserversocketfactory =
(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslserversocket =
(SSLServerSocket) sslserversocketfactory.createServerSocket(9999);
SSLSocket sslsocket = (SSLSocket) sslserversocket.accept();
InputStream inputstream = sslsocket.getInputStream();
InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
String string = null;
while ((string = bufferedreader.readLine()) != null) {
System.out.println(string);
System.out.flush();
}
} catch (Exception exception) {
exception.printStackTrace();
}
}
客户:
public static void main(String[] arstring) {
try {
// Pfad zum Truststore
String certificateChain = "/usr/lib64/jvm/java-1.7.0-openjdk-1.7.0/jre/lib/security/cacerts";
String password = "***";
System.setProperty("javax.net.ssl.trustStore", certificateChain);
System.setProperty("javax.net.ssl.trustStorePassword", password);
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket("localhost", 9999);
OutputStream outputstream = sslsocket.getOutputStream();
OutputStreamWriter outputstreamwriter = new OutputStreamWriter(outputstream);
BufferedWriter bufferedwriter = new BufferedWriter(outputstreamwriter);
String string = "testmessage";
bufferedwriter.write(string + '\n');
bufferedwriter.flush();
} catch (Exception exception) {
exception.printStackTrace();
}
}
之后我尝试将我的证书添加到特定路径的Truststore。 生成的密钥已添加到工作目录中的密钥库中。
如果尝试使用许多不同的关键字关注Google前5页的所有教程和说明,那么运气不错。我总是得到handshake_failure异常:
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221)
at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291)
at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229)
at java.io.BufferedWriter.flush(BufferedWriter.java:254)
at client.SSLClientMain.main(SSLClientMain.java:151)
由于代码只是复制粘贴,我认为它不是代码问题,而是证书问题。所以我的问题是: 我做错了什么,我还需要做些什么呢?
答案 0 :(得分:0)
您可能在服务器端使用证书,而在客户端未使用证书,反之亦然。 为服务器和客户端使用相同的证书进行尝试。