Security Jetty SSL服务器
以下是我的安全ssl服务器代码。我已经创建了一个密钥库“服务器”,它有一个由密码生成的密钥对Security Jetty SSL服务器,security,ssl,jetty,Security,Ssl,Jetty,以下是我的安全ssl服务器代码。我已经创建了一个密钥库“服务器”,它有一个由密码生成的密钥对 public static void main(String[] args) throws Exception { Server server = new Server(); HttpConfiguration https_config = new HttpConfiguration(); https_config.setSecureScheme("https"); h
public static void main(String[] args) throws Exception {
Server server = new Server();
HttpConfiguration https_config = new HttpConfiguration();
https_config.setSecureScheme("https");
https_config.setSecurePort(8443);
https_config.addCustomizer(new SecureRequestCustomizer());
https_config.setSendServerVersion(true);
File keystoreFile = new File("server");
System.out.print(keystoreFile.getAbsolutePath());
SslContextFactory sslContextFactory = new SslContextFactory();
if (keystoreFile.exists())
{
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
sslContextFactory.setTrustStorePath(keystoreFile.getAbsolutePath());
sslContextFactory.setKeyStorePassword("secret");
sslContextFactory.setKeyManagerPassword("secret");
sslContextFactory.setTrustStorePassword("secret");
sslContextFactory.setExcludeCipherSuites(
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
}
ServerConnector https =
new ServerConnector(server,
new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
new HttpConnectionFactory(https_config));
https.setPort(8443);
server.setConnectors(new Connector[] { https});
ServletContextHandler scHandler = new ServletContextHandler(server,"/");
scHandler.addServlet(Testpage1.class, "/test");
server.setHandler(scHandler);
server.start();
}
}
当我尝试使用或连接到时,它会给我“网页不可用错误”,而使用curl时,它会给我“curl:(35)连接到本地主机时出现未知SSL协议错误:8443”
有人能指导我调试这个问题吗。经过一整天的调试和试用,我决定发布这个问题,但在朋友的一点建议下,我通过更新密钥库解决了这个问题。所以我遇到的问题是由于我在密钥存储中生成的密钥。似乎您需要使用RSA算法而不是EC算法。Hi@Tharanga,您能告诉我您是否使用keytool以及如何使用它来更改为RSA吗?提前谢谢。不,我用了密钥存储资源管理器。