Java I'；我正在尝试建立SSL连接。我做错了什么？_Java_Authentication_Ssl_Connection_Client Server

Java I'；我正在尝试建立SSL连接。我做错了什么？

java authentication ssl

Java I'；我正在尝试建立SSL连接。我做错了什么？,java,authentication,ssl,connection,client-server,Java,Authentication,Ssl,Connection,Client Server,这是服务器源： package main; import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.FileInputStream; import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.security.KeyStore; import javax.net.ssl.KeyManagerF

这是服务器源：

package main;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.KeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;

public class SslReverseEchoer {
    public static void main(String[] args) throws Exception {
        String ksName = "keystore.jks";
        char ksPass[] = "".toCharArray();
        char ctPass[] = "".toCharArray();
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(new FileInputStream(ksName), ksPass);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, ctPass);
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(kmf.getKeyManagers(), null, null);

        SSLServerSocketFactory ssf = sc.getServerSocketFactory();
        SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(8888);
        SSLSocket c = (SSLSocket) s.accept();
        BufferedWriter w = new BufferedWriter(new OutputStreamWriter(
                c.getOutputStream()));
        BufferedReader r = new BufferedReader(new InputStreamReader(
                c.getInputStream()));
        String m = "Welcome to SSL Reverse Echo Server."
                + " Please type in some words.";
        w.write(m, 0, m.length());
        w.newLine();
        w.flush();
        while ((m = r.readLine()) != null) {
            if (m.equals("."))
                break;
            char[] a = m.toCharArray();
            int n = a.length;
            for (int i = 0; i < n / 2; i++) {
                char t = a[i];
                a[i] = a[n - 1 - i];
                a[n - i - 1] = t;
            }
            w.write(a, 0, n);
            w.newLine();
            w.flush();
        }
        w.close();
        r.close();
        c.close();
        s.close();
    }
}

当我尝试运行它们时，会出现以下错误：

客户：

Exception in thread "main" javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

服务器：

javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

我在编程方面不是很有经验，所以我（想我）知道错误消息的意思，但我不知道如何解决它。这两个密钥库已经就位。一个持有密钥对，另一个持有由该密钥对生成的证书。（测试时删除所有密码）我在互联网上搜索了很长一段时间，但我发现对它们的解释很差，因为大多数SSL连接尝试连接到web服务器，而不是自制的。

最后，我希望有两个Java应用程序通过安全的SSL连接传输数据。这不是HTTPS服务器。

证书是否由可信验证器认证？不，我自己创建了证书，但我认为这不是问题所在……我相信您的服务器必须通过传递一个TrustManagers数组作为SSLContext.init方法的第二个参数，将自签名证书指定为可信证书。您可以在调用其

init

方法之一后从中获取该数组。我认为您还需要将您的证书设置为密钥库中的受信任证书（例如使用keytool的

-importcert-trustcacerts

选项）。

javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown