Code Examples For Creating SSL Sockets
2013-05-20 14:19
6460 查看
Code Examples For Creating SSL Sockets
Note:SSLClient extends SSLSocketFactory
SSLServer extends SSLServerSocketFactory
Client Example: SSLClient client = new SSLClient(); // Let's trust usual "cacerts" that come with Java. Plus, let's also trust a self-signed cert // we know of. We have some additional certs to trust inside a java keystore file. client.addTrustMaterial( TrustMaterial.DEFAULT ); client.addTrustMaterial( new TrustMaterial( "/path/to/self-signed.pem" ) ); client.addTrustMaterial( new KeyMaterial( "/path/to/keystore.jks", "changeit".toCharArray() ) ); // To be different, let's allow for expired certificates (not recommended). client.setCheckHostname( true ); // default setting is "true" for SSLClient client.setCheckExpiry( false ); // default setting is "true" for SSLClient client.setCheckCRL( true ); // default setting is "true" for SSLClient // Let's load a client certificate (max: 1 per SSLClient instance). client.setKeyMaterial( new KeyMaterial( "/path/to/client.pfx", "secret".toCharArray() ) ); SSLSocket s = (SSLSocket) client.createSocket( "www.cucbc.com", 443 );
Server Example (OpenSSL/Apache Style) // Compatible with the private key / certificate chain created from following the Apache2 // TLS FAQ: "How do I create a self-signed SSL Certificate for testing purposes?" // http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#selfcert SSLServer server = new SSLServer(); // Server needs some key material. We'll use an OpenSSL/PKCS8 style key (possibly encrypted). String certificateChain = "/path/to/this/server.crt"; String privateKey = "/path/to/this/server.key"; char[] password = "changeit".toCharArray(); KeyMaterial km = new KeyMaterial( certificateChain, privateKey, password ); server.setKeyMaterial( km ); // These settings have to do with how we'll treat client certificates that are presented // to us. If the client doesn't present any client certificate, then these are ignored. server.setCheckHostname( false ); // default setting is "false" for SSLServer server.setCheckExpiry( true ); // default setting is "true" for SSLServer server.setCheckCRL( true ); // default setting is "true" for SSLServer // This server trusts all client certificates presented (usually people won't present // client certs, but if they do, we'll give them a socket at the very least). server.addTrustMaterial( TrustMaterial.TRUST_ALL ); SSLServerSocket ss = (SSLServerSocket) server.createServerSocket( 7443 ); SSLSocket socket = (SSLSocket) ss.accept();
Server Example (Traditional Java "KeyStore" Style) SSLServer server = new SSLServer(); // Server needs some key material. We'll use a Java Keystore (.jks) or Netscape // PKCS12 (.pfx or .p12) file. Commons-ssl automatically detects the type. String pathToKeyMaterial = "/path/to/.keystore"; char[] password = "changeit".toCharArray(); KeyMaterial km = new KeyMaterial( pathToKeyMaterial, password ); server.setKeyMaterial( km ); // This server trusts all client certificates presented (usually people won't present // client certs, but if they do, we'll give them a socket at the very least). server.addTrustMaterial( TrustMaterial.TRUST_ALL ); SSLServerSocket ss = (SSLServerSocket) server.createServerSocket( 7443 ); SSLSocket socket = (SSLSocket) ss.accept();
from:http://juliusdavies.ca/commons-ssl/ssl.html
http://juliusdavies.ca/commons-ssl/
http://juliusdavies.ca/commons-ssl/download.html
http://blog.palominolabs.com/2011/10/18/java-2-way-tlsssl-client-certificates-and-pkcs12-vs-jks-keystores/
相关文章推荐
- Java Code Examples for org.apache.http.conn.ssl.AllowAllHostnameVerifier
- Java Code Examples for org.apache.http.conn.ssl.AllowAllHostnameVerifier
- Java Code Examples for javax.net.ssl.SSLContext
- Java Code Examples for org.apache.thrift.server.TT
- Cross platform GUI for creating SSL certs with OpenSSL
- Java Code Examples for net.sf.jsqlparser.statement.select.Union
- 10021---Creating a Code Base for Your Project
- 5 Tips for creating good code every day; or how to become a good software developer
- Java Code Examples for com.sun.net.httpserver.HttpExchange.getResponseHeaders()
- Examples for Creating Oracle Functions
- AVI example code for creating AVI files
- Java Code Examples for org.apache.commons.codec.binary.Base64InputStream
- Java Code Examples for org.jsoup.select.Elements
- Java Code Examples for org.openqa.selenium.JavascriptExecutor
- C Language Examples of IPv4 and IPv6 Raw Sockets for Linux
- Java Code Examples for org.springframework.http.HttpStatus
- Examples for Creating Oracle Functions
- 5-tips-for-creating-good-code-every
- Java Code Examples for redis.clients.jedis.Jedis.hmset()
- Best code examples for Bitmap compress method (android.graphics.Bitmap.compress)