SSLSocket Demo

服务端代码

public class SSLServer {
    public static void main(String[] args) throws Exception {

        //自己的证书,公钥和私钥,PKCS12是证书密码学标准
        KeyStore keyStore=KeyStore.getInstance("PKCS12");
        keyStore.load(new FileInputStream("E:\\自制证书\\server-ks.jks"), "123456".toCharArray());
        //SunX509为公钥证书的格式标准,行业标准为X509
        KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, "123456".toCharArray());

        //添加信任客户端公钥(双向验证需要配置)
        KeyStore clientKs=KeyStore.getInstance("JKS");
        clientKs.load(new FileInputStream("E:\\自制证书\\client-public-ks.jks"),"123456".toCharArray());
        TrustManagerFactory tsm=TrustManagerFactory.getInstance("SunX509");
        tsm.init(clientKs);

        //初始化SSLSocket
        SSLContext sslContext=SSLContext.getInstance("SSL");
        //双向验证配置
        sslContext.init(keyManagerFactory.getKeyManagers(),tsm.getTrustManagers(),null);
        //单向验证配置如下
        //sslContext.init(keyManagerFactory.getKeyManagers(),null,null);
        SSLServerSocketFactory serverSocketFactory = sslContext.getServerSocketFactory();
        SSLServerSocket serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(10086);
        //开启双向验证
        serverSocket.setNeedClientAuth(true);
        while (true){
            System.out.println("等待连接...");
            Socket socket = serverSocket.accept();
            InputStream inputStream = socket.getInputStream();
            OutputStream outputStream = socket.getOutputStream();
            byte[] buf=new byte[512];
            int read=0;
            StringBuilder msg=new StringBuilder();
            read=inputStream.read(buf);
            msg.append(new String(buf,0,read));
            System.out.println("服务器接收到消息:"+msg.toString());
            outputStream.write("i'am server!".getBytes());
            outputStream.flush();
            socket.close();
        }
    }
}

客户端代码

public class SSLClient {
    public static void main(String[] args) throws Exception {

        //自己的证书(公钥和私钥,双向验证需要此配置)
        KeyStore keyStore=KeyStore.getInstance("PKCS12");
        keyStore.load(new FileInputStream("E:\\自制证书\\client-ks.jks"),"123456".toCharArray());
        KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
        kmf.init(keyStore, "123456".toCharArray());

        //信任服务器公钥证书
        KeyStore keyStore2=KeyStore.getInstance("JKS");
        keyStore2.load(new FileInputStream("E:\\自制证书\\server-public-ks.jks"),"123456".toCharArray());
        TrustManagerFactory trustManagerFactory2=TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory2.init(keyStore2);

        //初始化SSLSocket
        SSLContext sslContext=SSLContext.getInstance("SSL");
        //双向验证配置如下
        sslContext.init(kmf.getKeyManagers(),trustManagerFactory2.getTrustManagers(),null);
        //单向验证配置如下
        //sslContext.init(null,trustManagerFactory2.getTrustManagers(),null);
        SSLSocketFactory socketFactory = sslContext.getSocketFactory();
        SSLSocket socket = (SSLSocket) socketFactory.createSocket("localhost", 10086);
        InputStream inputStream = socket.getInputStream();
        OutputStream outputStream = socket.getOutputStream();
        outputStream.write("i'm client!".getBytes());
        outputStream.flush();
        byte[] buf=new byte[512];
        int read=0;
        StringBuilder msg=new StringBuilder();
        read=inputStream.read(buf);
        msg.append(new String(buf,0,read));
        System.out.println("客户端收到消息:"+msg);
        socket.close();
    }
}

注意:涉及证书,请参考本人证书制作博客

posted @ 2020-07-24 16:52  Small丶  阅读(304)  评论(0编辑  收藏  举报