我在java安全方面相当新,我的任务是为我的网络服务器进行客户端身份验证。
我从Web服务器获得的文件是server.jks client.jks,client.p12,client.pem,不知怎的,我需要使用客户端证书将我的客户端验证到服务器。
我有这个代码,我需要知道iam是否遗漏了一些信息,因为这段代码会引发我在下面发布的异常。
System.setProperty(" javax.net.debug"" SSL&#34);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance("PKCS12");
InputStream is = new FileInputStream(new File("client.p12"));
keyStore.load(is,"ccCert".toCharArray());
is.close();
keyManagerFactory.init(keyStore,"ccCert".toCharArray());
SSLContext context = SSLContext.getInstance("TLS");
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
context.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(), new SecureRandom());
URL url = new URL("https://localhost:8787");
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
con.setSSLSocketFactory(context.getSocketFactory());
con.connect();
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
如果有人能给我一些提示,我的代码有什么问题,或者我错过的内容会非常有帮助。
提前致谢。