Java ssl客户端标识
我使用的是具有相互标识(ClientAuth)的SSL套接字服务器和客户端程序。客户机有两种类型,每种类型使用自己的证书。服务器如何确定新连接的clent的类型,例如客户端的证书别名或其他可区分的属性 以下是设置服务器并接受连接表单客户端的代码:Java ssl客户端标识,java,ssl,Java,Ssl,我使用的是具有相互标识(ClientAuth)的SSL套接字服务器和客户端程序。客户机有两种类型,每种类型使用自己的证书。服务器如何确定新连接的clent的类型,例如客户端的证书别名或其他可区分的属性 以下是设置服务器并接受连接表单客户端的代码: SSLContext ctx = SSLContext.getInstance("TLSv1.2"); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.ge
SSLContext ctx = SSLContext.getInstance("TLSv1.2");
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(serverKeystoreFile), serverKeystorePass);
kmf.init(ks, serverCertificatePass);
ks.load(new FileInputStream(serverTruststoreFile), serverTruststorePass);
tmf.init(ks);
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SSLServerSocketFactory ssf = ctx.getServerSocketFactory();
SSLServerSocket sslserversocket = (SSLServerSocket) ssf.createServerSocket(port);
sslserversocket.setNeedClientAuth(true);
// accept connection from client
SSLSocket sslsocket = (SSLSocket) sslserversocket.accept();
// At this point, I would like to determine the connected client's certificate alias
// or some other property that is unique for each of the acceptable client certificates.
握手完成后,您应该能够在服务器上调用
SSLSocket.getSession().getPeerCertificate()getCiphergetCipherSSLContextHttpsUrlConnectiongetSessionContextSSLSocket.getSession().getPeerPrincipal().getName()