SSLSocket_demo
参考:https://www.jianshu.com/p/7145bd9c8e95
ssl通信过程图解:https://blog.csdn.net/HD243608836/article/details/118708843
keytool各参数含义:java存取密码于keystore文件中_keystore.load_qq_34721505的博客-CSDN博客
代码中各类含义:Java SSL实现使用详解_keymanagerfactory_adrninistrat0r的博客-CSDN博客
参考:Java Keytool 命令行工具_keytool安装_oscar999的博客-CSDN博客,以管理员身份运行cmd,生成证书,两次输入的口令都是:123456(该弱口令仅用于本地演示;实际环境请使用强口令,并且不要把口令写死在代码里)
将生成的seckey文件拷贝到 resources目录下
Server.java
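package com.hmb;

import javax.net.ssl.*;
import java.io.*;
import java.net.Socket;
import java.net.URL;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
 * Minimal TLS server for the SSLSocket demo: it loads a key store from the
 * classpath, accepts a single connection on port 9999, prints the client's
 * greeting and answers with one line of text.
 */
public class Server {

    /**
     * Starts the demo server and serves exactly one client.
     *
     * @param args unused
     * @throws IOException if the key store resource is missing or unreadable, or on socket failure
     * @throws KeyStoreException if no provider supports the default key store type
     * @throws CertificateException if a certificate in the key store cannot be loaded
     * @throws NoSuchAlgorithmException if a required algorithm is unavailable
     * @throws UnrecoverableKeyException if the private key cannot be recovered with the password
     * @throws KeyManagementException if the SSL context cannot be initialised
     */
    public static void main(String[] args) throws KeyStoreException, CertificateException, NoSuchAlgorithmException,
            IOException, UnrecoverableKeyException, KeyManagementException {
        // "TLS" is the current standard name; the legacy "SSL" name is normally only an alias for it.
        String protocol = "TLS";

        // Demo-only password, identical to the one typed into keytool when the key store
        // was generated. Real deployments should read it from protected configuration
        // instead of hard-coding it in source.
        char[] keyPwd = "123456".toCharArray();

        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        // Read the resource as a stream: URL.getPath() returns a URL-encoded path and
        // fails for directories containing spaces or when the class is run from a jar.
        try (InputStream in = Server.class.getResourceAsStream("/seckey")) {
            if (in == null) {
                throw new FileNotFoundException("classpath resource /seckey not found");
            }
            keyStore.load(in, keyPwd);
        }

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        // The second argument is the password protecting the private-key entry, which is
        // needed to recover the key. Here it is the same as the store password, so any
        // other value makes init() fail with UnrecoverableKeyException.
        kmf.init(keyStore, keyPwd);

        SSLContext sslContext = SSLContext.getInstance(protocol);
        // This server never requests a client certificate, so its trust managers are not
        // consulted during the handshake. Passing null selects the platform default rather
        // than a manager that accepts everything. If client authentication is enabled
        // later, pass managers from a TrustManagerFactory backed by a trust store instead.
        sslContext.init(kmf.getKeyManagers(), null, new SecureRandom());

        SSLServerSocketFactory factory = sslContext.getServerSocketFactory();
        try (SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(9999)) {
            System.out.println("start server...");
            // Closing the socket also closes both of its streams, even when an exception is thrown.
            try (Socket socket = serverSocket.accept()) {
                ObjectOutputStream oos = new ObjectOutputStream(socket.getOutputStream());
                // Push the stream header out so the peer's ObjectInputStream constructor cannot block on it.
                oos.flush();
                // Only readUTF() is used on this stream. Never call readObject() on data from
                // an unauthenticated peer: Java deserialization of untrusted input is unsafe.
                ObjectInputStream ois = new ObjectInputStream(socket.getInputStream());

                String msg = ois.readUTF();
                System.out.println("client msg:" + msg);
                oos.writeUTF("hello client");
                oos.flush();
            }
        }
    }

    /**
     * Returns a trust manager that performs NO certificate validation.
     *
     * <p>WARNING: every certificate chain is accepted, so a connection that relies on this
     * manager is encrypted but not authenticated, and an on-path attacker can impersonate
     * the peer. It is kept only for compatibility with existing callers in this demo; use
     * managers obtained from a {@link TrustManagerFactory} initialised with a trust store
     * for anything beyond a local experiment.
     *
     * @return a trust manager whose checks always succeed and which reports no accepted issuers
     */
    public static X509TrustManager getX509TrustManager() {
        return new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: accepts any client certificate chain.
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: accepts any server certificate chain.
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }
}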
Client.java
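package com.hmb;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;

/**
 * Minimal TLS client for the SSLSocket demo: it connects to localhost:9999,
 * sends one greeting and prints the server's reply.
 */
public class Client {

    /**
     * Connects to the demo server, exchanges one message in each direction and exits.
     *
     * @param args unused
     * @throws IOException if the trust material cannot be loaded or the connection fails
     * @throws NoSuchAlgorithmException if a required algorithm is unavailable
     * @throws KeyManagementException if the SSL context cannot be initialised
     * @throws InterruptedException declared for signature compatibility; nothing here waits interruptibly
     */
    public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException, InterruptedException {
        // "TLS" is the current standard name; the legacy "SSL" name is normally only an alias for it.
        SSLContext context = SSLContext.getInstance("TLS");
        // Validate the server certificate against known trust anchors rather than accepting
        // any certificate, which would leave the connection open to impersonation.
        context.init(null, loadTrustManagers(), new SecureRandom());

        SSLSocketFactory factory = context.getSocketFactory();
        // Closing the socket also closes both of its streams, even when an exception is thrown.
        try (SSLSocket socket = (SSLSocket) factory.createSocket("localhost", 9999)) {
            // NOTE: a raw SSLSocket does not check that the certificate matches the host name.
            // That is tolerable here because trust is pinned to the demo certificate; a client
            // that trusts a CA should also enable endpoint identification through
            // SSLParameters.setEndpointIdentificationAlgorithm("HTTPS").

            ObjectOutputStream oos = new ObjectOutputStream(socket.getOutputStream());
            // Push the stream header out so the peer's ObjectInputStream constructor cannot block on it.
            oos.flush();
            // Only readUTF() is used on this stream. Never call readObject() on data from
            // a peer you do not fully trust: Java deserialization of untrusted input is unsafe.
            ObjectInputStream ois = new ObjectInputStream(socket.getInputStream());

            oos.writeUTF("hello server");
            oos.flush();

            // readUTF() blocks until the reply arrives, so no artificial delay is needed.
            String msg = ois.readUTF();
            System.out.println("server msg:" + msg);
        }
    }

    /**
     * Builds trust managers that accept only certificates found in the {@code /seckey}
     * store on the classpath.
     *
     * <p>Demo shortcut: this is the server's own key store, so the client ends up holding
     * the server's private key and the demo password. In a real deployment, export only
     * the server certificate into a separate trust store for clients.
     *
     * @return trust managers backed by the certificates in {@code /seckey}
     * @throws IOException if the store is missing, unreadable or cannot be parsed
     * @throws NoSuchAlgorithmException if a required algorithm is unavailable
     */
    private static TrustManager[] loadTrustManagers() throws IOException, NoSuchAlgorithmException {
        // Demo-only password, identical to the one used when the store was generated with keytool.
        char[] storePwd = "123456".toCharArray();
        try (InputStream in = Client.class.getResourceAsStream("/seckey")) {
            if (in == null) {
                throw new FileNotFoundException("classpath resource /seckey not found");
            }
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(in, storePwd);

            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(trustStore);
            return tmf.getTrustManagers();
        } catch (KeyStoreException | CertificateException e) {
            // Wrapped so that main() keeps its original set of declared exceptions.
            throw new IOException("cannot load trust anchors from /seckey", e);
        }
    }
}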
先运行服务端,再运行客户端,运行效果如下