收到致命警报,bad_certificate

时间:2017-02-21 07:59:35

标签: java ssl

我正在尝试对服务器进行SSL连接。我创建了一个Truststore,并将服务器的证书和我的证书作为可信条目导入Keystore。服务器人员也将我的证书导入他们的密钥库。但是当我尝试连接时,我收到了这个错误:

  

收到致命警报:bad_certificate

在服务器上,他们收到此错误:

  

javax.net.ssl.SSLHandshakeException:null cert chain

我可能做错了什么?,我该如何解决这个错误?我一直在与这个问题作斗争很长一段时间。

我的客户代码

{{1}}

用于创建信任库的Keytool命令

keytool -import -alias client -file client.cer -keystore MyKeystore -storepass mystore

keytool -import -alias server -file server.cer -keystore MyKeystore -storepass mystore

我还将两个证书添加到我的cacerts密钥库

1 个答案:

答案 0 :(得分:0)

已经有一段时间了,但我不得不面对类似的问题。这是我的工作代码:

    Properties systemProps = System.getProperties();
    systemProps.put("javax.net.debug","ssl");
    systemProps.put("javax.net.ssl.trustStore","<path to trustore>");
    systemProps.put("javax.net.ssl.trustStorePassword","password");
    System.setProperties(systemProps);

    SSLContext sslcontext;
    KeyStore keyStore;
    final char[] JKS_PASSWORD = "password".toCharArray();
    final char[] KEY_PASSWORD = "password".toCharArray();

    try {
        final InputStream is = new FileInputStream("<path_to_keystore.pkcs12>");
        keyStore = KeyStore.getInstance("pkcs12");
        keyStore.load(is, JKS_PASSWORD);
        final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, KEY_PASSWORD);

        sslcontext=SSLContext.getInstance("TLS");
        sslcontext.init(kmf.getKeyManagers(), null, new java.security.SecureRandom());
    } catch (Exception ex) {
        throw new IllegalStateException("Failure initializing default SSL context", ex);
    }

    SSLSocketFactory sslsocketfactory = sslcontext.getSocketFactory();  
    DataOutputStream os = null;

    try {
        SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket();
        sslsocket.connect(new InetSocketAddress(host, port), connectTimeout);
        sslsocket.startHandshake();

        os = new DataOutputStream(sslsocket.getOutputStream());
        // log.info("Sending echo packet");
        String toSend = "{\"echo\":\"echo\"}";
        os.writeBytes(toSend);
    } catch (UnknownHostException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (InterruptedException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
相关问题
最新问题