SSL socket php代码需要转换成Java

【问题标题】:SSL socket php code needs to be converted to JavaSSL socket php代码需要转换成Java
【发布时间】:2010-10-17 21:35:56
【问题描述】:

我有一个 Pem 文件,我用这个 php 代码连接到一个 c++ SSL 服务器,但现在我需要这个用 Java 编写的 php 代码

$ctx = stream_context_create();

stream_context_set_option($ctx, 'ssl', 'local_cert', 'cert.pem');

stream_context_set_option($ctx, 'ssl', 'passphrase', $pass);

$fp = stream_socket_client('ssl://serverURL', $err, $errstr, 60, STREAM_CLIENT_CONNECT, $ctx);

if (!$fp) {

    print "Failed to connect $err $errstr\n";
    return;
}

任何想法如何在 Java 中读取 cert.pem 文件,然后建立 SSL 套接字?

谢谢!

【问题讨论】:

    标签: java php ssl sockets


    【解决方案1】:

    你的类路径中需要Bouncy Castle

    PEMReader pr = new PEMReader(new FileReader("cert.pem"));
X509Certificate cert = (X509Certificate) pr.readObject();
PEMReader kr = new PEMReader(new FileReader("privkey.pem"),
        new PasswordFinder() {
    public char[] getPassword() {
        return "passphase".toCharArray();
    }
});
KeyPair key = (KeyPair) kr.readObject();
KeyStore ksKeys = KeyStore.getInstance("JKS");
ksKeys.load(null, "passphase".toCharArray());
ksKeys.setCertificateEntry("MyCert", cert);
ksKeys.setKeyEntry("Mykey", key.getPrivate(),
        "passphase".toCharArray(), new Certificate[]{cert});
KeyManagerFactory kmf = KeyManagerFactory.getInstance(
        KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ksKeys, "passphase".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(
        TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ksKeys);

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

Socket socket = sslContext.getSocketFactory().createSocket(
        "localhost", 4433);
BufferedReader in = new BufferedReader(new InputStreamReader(
        socket.getInputStream()));
PrintWriter out = new PrintWriter(new OutputStreamWriter(
        socket.getOutputStream()));
out.println("Hello World");
System.out.println(in.readLine());
out.close();
in.close();

    如果你运行openssl s_server -Verify cert.pem -cert cert.pem -key privkey.pem,它应该会显示:

    depth=0 /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
verify return:1
Hello World
DONE
shutting down SSL
CONNECTION CLOSED
ACCEPT

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2015-07-15
      • 2017-10-02
      • 2016-04-30
      • 2013-06-28
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode