Fatal编程技术网
  • java/
  • 在java中生成SSL证书并将SSL客户端连接到证书中

在java中生成SSL证书并将SSL客户端连接到证书中

java ssl certificate

在java中生成SSL证书并将SSL客户端连接到证书中,java,ssl,certificate,Java,Ssl,Certificate,所以我有一些ssl服务器和客户端代码。不过,我不确定在一些方法中加入什么 public void client() throws UnknownHostException, IOException{ KeyStore keyStore = KeyStore.getInstance("PKCS12"); FileInputStream stream = new FileInputStream(new File("")); // need correct file keySt

所以我有一些ssl服务器和客户端代码。不过,我不确定在一些方法中加入什么

public void client() throws UnknownHostException, IOException{
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    FileInputStream stream = new FileInputStream(new File("")); // need correct file
    keyStore.load(stream, "Some Password".toCharArray());
    // load in the appropriate keystore and truststore for the client
    // get the X509KeyManager and X509TrustManager instances
    TrustManagerFactory trustManagerFactory =
            TrustManagerFactory.getInstance("PKIX", "SunJSSE");
        trustManagerFactory.init("NOT SURE WHAT TO PUT HERE");


    SSLContext sslContext = SSLContext.getInstance("TLS");

    sslContext.init(new KeyManager[]{"NOT SURE WHAT TO PUT HERE"},
        new TrustManager[]{"NOT SURE WHAT TO PUT HERE"}, null);

    SSLSocketFactory socketFactory = sslContext.getSocketFactory();
    SSLSocket socket =
        (SSLSocket) socketFactory.createSocket("localhost", 25500);

    socket.setEnabledProtocols(new String[]{"TLSv1"});

    // read from the socket, etc
}

public void server() throws IOException{
    // load in the appropriate keystore and truststore for the server
    // get the X509KeyManager and X509TrustManager instances

    SSLContext sslContext = SSLContext.getInstance("TLS");
    // the final null means use the default secure random source
    sslContext.init(new KeyManager[]{"NOT SURE WHAT TO PUT HERE"},
        new TrustManager[]{"NOT SURE WHAT TO PUT HERE"}, null);

    SSLServerSocketFactory serverSocketFactory =
        sslContext.getServerSocketFactory();
    SSLServerSocket serverSocket =
        (SSLServerSocket) serverSocketFactory.createServerSocket(25500);

    serverSocket.setNeedClientAuth(true);
    // prevent older protocols from being used, especially SSL2 which is insecure
    serverSocket.setEnabledProtocols(new String[]{"TLSv1"});

    // you can now call accept() on the server socket, etc
}
另外,我如何像代码一样用java生成证书,并将其打印到文件中,让它反复使用相同的证书

谢谢您的帮助。

您所说的“还有”是什么意思?我如何用java像代码一样生成证书,并将其打印到文件中,让它反复使用相同的证书?比如哪种代码?我的意思是让客户端生成一个证书。为什么您要用新代码生成它,而不是用keytool或CA工具一次性生成它?你想在客户端每次启动时都这样做吗?这毫无意义?我只想让客户端生成一个证书,而不需要用户知道如何生成证书。