Netty SSL服务器和客户端
似乎服务器拒绝wireshark输出中的tls协商,但我无法从代码中看出原因。它基于有效的代码,只是它被弃用了,因此我用新的API进行了更新。代码是要开始的。需要使用真实的证书。有人知道服务器为什么发送tcp FIN,ACK吗 我有以下服务器代码:Netty SSL服务器和客户端,netty,Netty,似乎服务器拒绝wireshark输出中的tls协商,但我无法从代码中看出原因。它基于有效的代码,只是它被弃用了,因此我用新的API进行了更新。代码是要开始的。需要使用真实的证书。有人知道服务器为什么发送tcp FIN,ACK吗 我有以下服务器代码: ServerBootstrap sbssl = new ServerBootstrap(); bossGroupSsl = new NioEventLoopGroup(1); workerGroupSsl = new NioE
ServerBootstrap sbssl = new ServerBootstrap();
bossGroupSsl = new NioEventLoopGroup(1);
workerGroupSsl = new NioEventLoopGroup();
sbssl.group(bossGroupSsl, workerGroupSsl).option(ChannelOption.SO_RCVBUF, 8192).handler(new LoggingHandler(LogLevel.DEBUG))
.option(ChannelOption.RCVBUF_ALLOCATOR, new FixedRecvByteBufAllocator(8192))
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline cp = ch.pipeline();
SelfSignedCertificate cert = new SelfSignedCertificate();
SslContext cont2 = SslContextBuilder.forServer(cert.privateKey(), cert.certificate()).build();
SSLEngine engine = cont2.newEngine(ch.alloc());
cp.addLast("ssl", new SslHandler(engine));
Netty 4.1.20.Final解决了服务器没有响应的问题。不过,ChannelComplete在服务器端调用了几次,而在客户端有一个空指针。所有这些都不会影响客户机-服务器进程的功能。似乎存在NullPointerException。请注意,当服务器端配置了不推荐使用的方法SslContext.newServerContext时,就会出现空指针。还要注意,服务器端的Android/客户端和JSSE使用openssl。
Bootstrap b = new Bootstrap();
group = new NioEventLoopGroup();
Log.d(RegisterAttemptSSL.class.getName(), "connecting");
InetSocketAddress ria = new InetSocketAddress(toHostname, portDestination);
b.group(group).channel(NioSocketChannel.class).option(ChannelOption.IP_TOS, 24)
.remoteAddress(ria).handler(new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel ch) throws Exception {
SslContext cont2 = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();
SSLEngine engine = cont2.newEngine(ch.alloc(), toHostname, portDestination);
engine.setEnabledProtocols(new String[] {"TLSv1.2"});
ch.pipeline().addLast(new SslHandler(engine, false));
ServerBootstrap sbssl = new ServerBootstrap();
bossGroupSsl = new NioEventLoopGroup(1);
workerGroupSsl = new NioEventLoopGroup();
sbssl.group(bossGroupSsl, workerGroupSsl).option(ChannelOption.SO_RCVBUF, 8192)
.option(ChannelOption.RCVBUF_ALLOCATOR, new FixedRecvByteBufAllocator(8192))
.channel(NioServerSocketChannel.class).handler(new LoggingHandler(LogLevel.DEBUG))
.childHandler(new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline cp = ch.pipeline();
SelfSignedCertificate cert = new SelfSignedCertificate();
SslContext cont = SslContext.newServerContext(cert.certificate(), cert.privateKey());
cp.addLast("ssl", cont.newHandler(ch.alloc()));
SelfSignedCertificate cert = new SelfSignedCertificate();
SslContext cont = SslContext.newServerContext(cert.certificate(), cert.privateKey());
//SslContext cont2 = SslContextBuilder.forServer(cert.privateKey(), cert.certificate()).build();
//SSLEngine engine = cont2.newEngine(ch.alloc());
//engine.setUseClientMode(true);;
//cp.addFirst("ssl", new SslHandler(engine));
cp.addFirst("ssl", cont.newHandler(ch.alloc()));
SelfSignedCertificate cert = new SelfSignedCertificate();
SslContext cont = SslContext.newServerContext(cert.certificate(), cert.privateKey());
SslContext cont2 = SslContextBuilder.forServer(cert.privateKey(), cert.certificate()).build();
SSLEngine engine = cont2.newEngine(ch.alloc());
//cp.addFirst("ssl", new SslHandler(engine));
cp.addFirst("ssl", cont.newHandler(ch.alloc()));