- 浏览: 93949 次
- 性别:
- 来自: 上海
文章分类
- 全部博客 (61)
- Hibernate (5)
- WebService (6)
- Python (13)
- ExtJs (0)
- Java (20)
- SMB (1)
- Game (1)
- Java Advanced Image (1)
- CMD (4)
- Oracle (2)
- Windows (2)
- Linux (1)
- Forums (1)
- Struts (2)
- Internationalization (1)
- NTLM (1)
- HttpClient (1)
- Http (1)
- Form (1)
- Tomcat (2)
- Log4j (1)
- Eclipse (1)
- ant (1)
- soap (0)
- SSL (2)
- security (2)
- permission (1)
- 面试 (0)
- authentication (1)
- Spring (0)
- ioc (0)
- javascript (1)
- license (0)
- web (0)
- Maven (0)
- website (0)
- tool (0)
- git (1)
- Thread (2)
- 软件工程 (0)
- mongodb (1)
最新评论
-
howgoo:
OpenSystemArchitect 中文乱码。
免费的数据库建模工具 -
tojaoomy:
如果需要输出时不换行,在最后加上逗号即可。比如print 'H ...
Python静态属性,静态方法 -
tojaoomy:
http://www.oracle.com/technetwo ...
丢失更新 -
tojaoomy:
teasp 写道tojaoomy 写道teasp 写道toja ...
synchronized (this) 柳暗花明又一村 -
teasp:
tojaoomy 写道teasp 写道tojaoomy 写道t ...
synchronized (this) 柳暗花明又一村
Java SSL
一直调查SSL的问题,毫无进展,头疼,先把手头搞定的资料整理下:
网上的资料很多,偷懒一下把。
服务器端代码:
package com.ricoh.rits.bct.ssl; import java.io.BufferedReader; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStreamReader; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.net.Socket; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import javax.net.ssl.SSLServerSocket; import javax.net.ssl.SSLServerSocketFactory; import javax.net.ssl.SSLSocket; import com.sun.net.ssl.KeyManagerFactory; import com.sun.net.ssl.SSLContext; public class SSLServer { public static final int PORT = 8888; public static SSLServerSocket server; public SSLServer() {} @SuppressWarnings("deprecation") public static SSLServerSocket getServerSocket(int port){ SSLServerSocket s = null; try { String key = "E:\\others\\ssl\\SSLKey"; char keyStorePass[] = "rst200233".toCharArray(); char keyPassword[] = "rst200233".toCharArray(); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(key),keyStorePass); //create Manager Secret Key Library of JKS KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, keyPassword); SSLContext sslContext = SSLContext.getInstance("SSLv3"); //init SSL context,second agrument tell JSSE the CA where from //set null means get CA from the javax.net.ssl.trustStore //third argument is the JSSE ramdonly generated,while this agrument will affect the security of the system //it is good chioce to set its value null,can ensure the JSSE security. sslContext.init(kmf.getKeyManagers(), null, null); //according to the privious configuration on SSLContext to create SSLServerSocketFactory,different with common method SSLServerSocketFactory factory = sslContext.getServerSocketFactory(); s = (SSLServerSocket) factory.createServerSocket(port); } catch (KeyStoreException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (CertificateException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (UnrecoverableKeyException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } return (s); } public static void main(String[] args) { try { server = getServerSocket(PORT); System.out.println("Waiting for connection... on port " + PORT); while(true){ SSLSocket socket = (SSLSocket) server.accept(); new CreateThread(socket); } } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } } class CreateThread extends Thread{ static BufferedReader in; static PrintWriter out; static Socket s; public CreateThread(Socket socket) { try { s = socket; in = new BufferedReader(new InputStreamReader(s.getInputStream(),"UTF-8")); out = new PrintWriter(s.getOutputStream(),true); start(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } } @Override public void run() { String msg; StringBuilder builder = new StringBuilder(); try { msg = in.readLine(); builder.append(msg); System.out.println(builder.toString()); out.println(builder.toString()); s.close(); } catch (IOException e) { e.printStackTrace(); } } }
其实只要在浏览器Type :https://localhost:8888也可以访问,输出的内容如下:
GET / HTTP/1.1
但是,把服务器的线程内容稍作修改的话,
msg = in.readLine(); builder.append(msg); while(msg != null){ msg = in.readLine(); builder.append(msg); }
会出现一个问题:
不知为何,一致阻塞在哪里,百思不得其解。
或者在IDE如下
客户端代码:
package com.ricoh.rits.bct.ssl; import java.io.IOException; import java.io.PrintWriter; import java.net.Socket; import java.net.UnknownHostException; import javax.net.ssl.SSLSocketFactory; public class SSLClient { static int port = 8888; public static void main(String[] args) { System.out.println(System.getProperty("java.home")); SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault(); try { Socket s = factory.createSocket("localhost", port); PrintWriter out = new PrintWriter(s.getOutputStream(),true); out.println("你好,我叫何剑!!!"); out.close(); s.close(); } catch (UnknownHostException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } }
参考资料:
http://fishhappy365.iteye.com/blog/963876
http://java.chinaitlab.com/JavaSecurity/792540.html
http://www.51testing.com/?uid-202848-action-viewspace-itemid-134594
下面的命令来检测是否已经正确完成了授权。
keytool -list -v -keystore SSLKey(生成的证书名称)
发表评论
-
Filter,Servlet,Conponent如何获取ApplicationContext
2014-08-04 18:35 1193Filter 获取Context 在init()方法获取S ... -
synchronized (this) 柳暗花明又一村
2013-05-17 16:23 1446今天写一个测试类,主要是测试wait(long timeo ... -
同一个线程synchronized方法调用synchronized方法
2013-02-21 16:28 884一个线程里面有两个synchronized方法a(),b( ... -
Java开源工具:网站开发工具清单
2012-07-23 14:07 0【IT168 技术】美国程序员Jon Sco ... -
Maven construct Maven Project
2012-07-17 17:36 0<project xmlns="http ... -
开源中最好的Web开发的资源
2012-06-20 09:52 0文章来源:Best “must know” open sour ... -
SimulateSpringIOC
2012-05-20 15:05 0Code View: package jp.co.ri ... -
User Authentication
2012-05-18 14:35 1743The Java Authentication and Aut ... -
Security Managers and Permissions
2012-05-11 17:44 944Once a class has been loaded in ... -
[转]Web Services Over SSL - HOW TO
2012-05-07 15:31 878一篇好文章,原文地址:http://www.pankaj- ... -
Java Use the keyword goto
2012-05-07 14:53 0Today,I am unconsciously found ... -
HttpClient Access to HTML Form
2012-03-19 17:27 943Sample Html Form Code: <s:f ... -
Top 10 Java Developer Forums
2012-03-08 15:46 1083Developers get into tricky situ ... -
Python调用WebService出错,求解决
2012-03-01 21:43 1396import logginglogging.basicConf ... -
windows下安装suds一些问题
2012-03-01 11:26 4866使用java访问SharePoint,当初不知为何,多种方式失 ... -
Web Service for Python
2012-02-29 15:04 0Welcome to the Python Web Ser ... -
发几个收藏的Java游戏
2012-02-29 13:47 578JavaMine.jar 扫雷 jdiamonds. ... -
How Java access to shared folder
2012-02-27 20:23 1098import java.io.IOException; im ... -
Axis2 integrate with tomcat occur "unsupport" error
2012-02-27 14:42 1838Creating a Dynamic web project ... -
内网WebService访问外网出现UnknownHostException方法
2012-02-21 21:54 3360If you utilize webservice to su ...
相关推荐
NULL 博文链接:https://1002878825-qq-com.iteye.com/blog/1838805
ssl demo 测试双向认证握手时间消耗 华为的手机消耗比较多时间
java实现 SSL双向认证,java ssl包使用
NULL 博文链接:https://410063005.iteye.com/blog/1751243
java实现 SSL双向认证,java ssl包使用
下载cer.zip文件后解压,得到cer文件夹,该目录下有运行脚本,其中Test文件夹为java项目源码,直接导出到Eclipse。 SSLServer主类在com.csii.ssl包下,其它pack下的内容都用不到。 cer目录下除server.sh,client.sh,...
java SSL HttpClient。java 通过ssl去访问服务器(tomcat)
java 支持SSL/TLS协议 支持HTTPS
NULL 博文链接:https://jiangdian.iteye.com/blog/501164
SSL加密简单的服务端和客户端书写.希望对大家有所帮助
Tomcat中SSL配置(SSL安全协议认证)
this is about ssl to connect the server and client
ssl 生成文件key 包含服务端、客户端、并解决乱码问题
Secure Login based on SSL Server Socket.
用法示例: mvn 编译 exec:java -Daddress=$HOST_IP:5696 -DprivateKey=private.key -DpublicKey=public.crt
java实现的ssl登陆,与开放平台原理相似,提供出来供大家学习参考
ssl加密传输:包含了证书的生成,加载,服务器与客户端的双向通讯程序,是我花了很大精力才弄出来的,欢迎大家来借鉴啊....
使用方法见:https://blog.csdn.net/upset_ming/article/details/96491058 1. 修改了前一版本中证书验证的bug,支持JDK8的高版本 2. 支持国密SSL双向认证 3. 将过期的国密证书替换为新证书
portecle制作证书工具,详细操作 http://www.oschina.net/p/portecle