如何在Java中通过TLS v.1.2创建安全的TCP连接
我想通过TLS v1.2在两个系统之间创建通信。它包含的信息是机密的。我希望避免https web服务调用,并直接希望在TCP层执行消息交换 您能建议如何实现这一点吗?我可以通过TLSV1.2安全地传输数据 编辑: 在阅读了下面的答案后,我写了以下代码 SSLServer如何在Java中通过TLS v.1.2创建安全的TCP连接,java,sockets,ssl,networking,serversocket,Java,Sockets,Ssl,Networking,Serversocket,我想通过TLS v1.2在两个系统之间创建通信。它包含的信息是机密的。我希望避免https web服务调用,并直接希望在TCP层执行消息交换 您能建议如何实现这一点吗?我可以通过TLSV1.2安全地传输数据 编辑: 在阅读了下面的答案后,我写了以下代码 SSLServer System.setProperty("javax.net.ssl.keyStore", "/home/user/.keystore"); System.setProperty("javax.n
System.setProperty("javax.net.ssl.keyStore", "/home/user/.keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
ServerSocket ss = ssf.createServerSocket(8362);
while (true) {
System.out.println("awaiting to accept..");
Socket s = ss.accept();
SSLSession session = ((SSLSocket) s).getSession();
Certificate[] cchain2 = session.getLocalCertificates();
for (int i = 0; i < cchain2.length; i++) {
System.out.println(((X509Certificate) cchain2[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in " + session.getLastAccessedTime());
PrintStream out = new PrintStream(s.getOutputStream());
/*BufferedReader in = new BufferedReader(new InputStreamReader(
s.getInputStream()));*/
boolean isChatOver = false;
System.out.println("\n\n*******************Type Below********************");
System.out.println("To End Chat Type 'Bye'!");
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
while(!isChatOver) {
String nextChat = br.readLine();
out.println(nextChat);
if("bye".equalsIgnoreCase(nextChat.trim())) {
isChatOver = true;
}
}
out.close();
s.close();
}
System.setProperty(“javax.net.ssl.keyStore”,“/home/user/.keyStore”);
setProperty(“javax.net.ssl.keystrepassword”、“changeit”);
SSLServerSocketFactory ssf=(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
ServerSocket ss=ssf.createServerSocket(8362);
while(true){
System.out.println(“等待接受…”);
套接字s=ss.accept();
SSLSession会话=((SSLSocket)s).getSession();
证书[]cchain2=session.getLocalCertificates();
对于(int i=0;i
SSL客户
System.setProperty("javax.net.ssl.trustStore", "/home/user/.truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
Socket s = ssf.createSocket("127.0.0.1", 8362);
SSLSession session = ((SSLSocket) s).getSession();
Certificate[] cchain = session.getPeerCertificates();
System.out.println("The Certificates used by peer");
for (int i = 0; i < cchain.length; i++) {
System.out.println(((X509Certificate) cchain[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in "
+ session.getLastAccessedTime());
BufferedReader in = new BufferedReader(new InputStreamReader(
s.getInputStream()));
boolean isChatOver = false;
while(!isChatOver) {
if(in.ready()) {
Thread.sleep(5000);
}
String nextChat = in.readLine();
System.out.println("server says : " + nextChat);
if("bye".equalsIgnoreCase(nextChat.trim())) {
System.out.println("**************************************Closing Session.*********************************************");
isChatOver = true;
}
}
in.close();
System.setProperty(“javax.net.ssl.trustStore”,“/home/user/.trustStore”);
setProperty(“javax.net.ssl.trustStorePassword”、“changeit”);
SSLSocketFactory ssf=(SSLSocketFactory)SSLSocketFactory.getDefault();
套接字s=ssf.createSocket(“127.0.0.1”,8362);
SSLSession会话=((SSLSocket)s).getSession();
证书[]cchain=session.getPeerCertificates();
System.out.println(“对等方使用的证书”);
for(int i=0;i
在上面的代码中,我的代码是否使用TLS1.2加密后直接将消息传递到TCP层?我希望它不要在内部调用https,因为我想不惜一切代价避免应用层
如果对这个问题有任何疑问,请告诉我
谢谢
干杯:)您使用的是哪个Java版本?JDK 8默认使用v1.2看看。嗨@Boris,我使用的是JDK 1.8。您可以发布一个使用sslsocket类进行客户机-服务器通信的示例以供参考。我假设如果我使用sslSocket类,那么我将直接使用SSL/TLS进行加密,并通过TCP层发送加密消息,避免使用HTTPS为我进行加密。我的理解正确吗?请看JSSE参考指南。太宽泛了。你已经实现了你的要求,不清楚你的要求。