在java中生成SSL证书并将SSL客户端连接到证书中
所以我有一些ssl服务器和客户端代码。不过,我不确定在一些方法中加入什么在java中生成SSL证书并将SSL客户端连接到证书中,java,ssl,certificate,Java,Ssl,Certificate,所以我有一些ssl服务器和客户端代码。不过,我不确定在一些方法中加入什么 public void client() throws UnknownHostException, IOException{ KeyStore keyStore = KeyStore.getInstance("PKCS12"); FileInputStream stream = new FileInputStream(new File("")); // need correct file keySt
public void client() throws UnknownHostException, IOException{
KeyStore keyStore = KeyStore.getInstance("PKCS12");
FileInputStream stream = new FileInputStream(new File("")); // need correct file
keyStore.load(stream, "Some Password".toCharArray());
// load in the appropriate keystore and truststore for the client
// get the X509KeyManager and X509TrustManager instances
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance("PKIX", "SunJSSE");
trustManagerFactory.init("NOT SURE WHAT TO PUT HERE");
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(new KeyManager[]{"NOT SURE WHAT TO PUT HERE"},
new TrustManager[]{"NOT SURE WHAT TO PUT HERE"}, null);
SSLSocketFactory socketFactory = sslContext.getSocketFactory();
SSLSocket socket =
(SSLSocket) socketFactory.createSocket("localhost", 25500);
socket.setEnabledProtocols(new String[]{"TLSv1"});
// read from the socket, etc
}
public void server() throws IOException{
// load in the appropriate keystore and truststore for the server
// get the X509KeyManager and X509TrustManager instances
SSLContext sslContext = SSLContext.getInstance("TLS");
// the final null means use the default secure random source
sslContext.init(new KeyManager[]{"NOT SURE WHAT TO PUT HERE"},
new TrustManager[]{"NOT SURE WHAT TO PUT HERE"}, null);
SSLServerSocketFactory serverSocketFactory =
sslContext.getServerSocketFactory();
SSLServerSocket serverSocket =
(SSLServerSocket) serverSocketFactory.createServerSocket(25500);
serverSocket.setNeedClientAuth(true);
// prevent older protocols from being used, especially SSL2 which is insecure
serverSocket.setEnabledProtocols(new String[]{"TLSv1"});
// you can now call accept() on the server socket, etc
}
另外,我如何像代码一样用java生成证书,并将其打印到文件中,让它反复使用相同的证书
谢谢您的帮助。您所说的“还有”是什么意思?我如何用java像代码一样生成证书,并将其打印到文件中,让它反复使用相同的证书?比如哪种代码?我的意思是让客户端生成一个证书。为什么您要用新代码生成它,而不是用keytool或CA工具一次性生成它?你想在客户端每次启动时都这样做吗?这毫无意义?我只想让客户端生成一个证书,而不需要用户知道如何生成证书。