SSLSocket_demo
参考:https://www.jianshu.com/p/7145bd9c8e95
ssl通信过程图解:https://blog.csdn.net/HD243608836/article/details/118708843
keytool各参数含义:java存取密码于keystore文件中_keystore.load_qq_34721505的博客-CSDN博客
代码中各类含义:Java SSL实现使用详解_keymanagerfactory_adrninistrat0r的博客-CSDN博客
参考:Java Keytool 命令行工具_keytool安装_oscar999的博客-CSDN博客,以管理员身份运行cmd,生成证书,两次输入的口令都是:123456(弱口令,仅供本地演示;实际使用时请换成强口令,并且不要把口令硬编码在源码里)

将生成的seckey文件拷贝到 resources目录下

Server.java
package com.hmb;
import javax.net.ssl.*;
import java.io.*;
import java.net.Socket;
import java.net.URL;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
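/**
 * Single-connection TLS server for the SSLSocket demo.
 *
 * <p>The server identity (private key and certificate) is read from the {@code /seckey}
 * keystore on the classpath. The class also exposes {@link #getX509TrustManager()}, which
 * performs no certificate validation at all; see its documentation before reusing it.
 */
public class Server {
    /**
     * Listens on port 9999, exchanges one UTF message with the first client, then exits.
     *
     * @param args unused
     * @throws KeyStoreException if the default keystore type is unavailable
     * @throws CertificateException if a certificate in the keystore cannot be loaded
     * @throws NoSuchAlgorithmException if the key manager algorithm or TLS context is unavailable
     * @throws IOException if the keystore resource is missing or unreadable, or on socket errors
     * @throws UnrecoverableKeyException if the private key cannot be recovered with the password
     * @throws KeyManagementException if the TLS context cannot be initialised
     */
    public static void main(String[] args) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableKeyException, KeyManagementException {
        // NOTE(review): demo-only credential, identical to the password typed into keytool.
        // A hard-coded keystore password gives no protection to the private key once the
        // source or the jar is readable; load it from configuration in real code.
        char[] keyPwd = "123456".toCharArray();

        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        // Read the resource as a stream: URL.getPath() returns a percent-encoded path, so the
        // old File-based load failed for directories containing spaces and for resources
        // packaged inside a jar.
        try (InputStream in = Server.class.getResourceAsStream("/seckey")) {
            if (in == null) {
                throw new FileNotFoundException("keystore resource /seckey not found on the classpath");
            }
            keyStore.load(in, keyPwd);
        }

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        // This password is the one protecting the key entry, which is why init() fails with
        // any other value. It equals the store password here because the same password was
        // entered twice when the keystore was generated.
        kmf.init(keyStore, keyPwd);

        // "TLS" is the standard context name; "SSL" refers to the obsolete protocol family.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        // This server never requests a client certificate, so its trust managers are not
        // consulted. Passing null selects the platform default instead of installing the
        // accept-everything manager, which would silently defeat client authentication if
        // it were switched on later.
        sslContext.init(kmf.getKeyManagers(), null, new SecureRandom());
        SSLServerSocketFactory factory = sslContext.getServerSocketFactory();

        // try-with-resources closes the listener, the connection and both streams even when
        // the handshake or the message exchange throws.
        try (SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(9999)) {
            System.out.println("start server...");
            // The output stream is created first on purpose: its constructor sends the stream
            // header that the client's ObjectInputStream constructor is waiting for.
            // NOTE(review): only readUTF() is used on this stream. Never call readObject() on
            // data from a network peer without an ObjectInputFilter.
            try (Socket socket = serverSocket.accept();
                 ObjectOutputStream oos = new ObjectOutputStream(socket.getOutputStream());
                 ObjectInputStream ois = new ObjectInputStream(socket.getInputStream())) {
                String msg = ois.readUTF();
                System.out.println("client msg:" + msg);
                oos.writeUTF("hello client");
                oos.flush();
            }
        }
    }

    /**
     * Returns a trust manager whose check methods are empty, so every certificate chain is
     * accepted without validation.
     *
     * <p>A TLS endpoint configured with this manager cannot tell the intended peer from an
     * on-path impersonator, so the connection is encrypted but not authenticated. It is
     * retained only so that existing callers keep compiling; new code should obtain trust
     * managers from a {@code TrustManagerFactory} initialised with the expected certificate.
     *
     * @return a non-validating {@link X509TrustManager} that reports no accepted issuers
     */
    public static X509TrustManager getX509TrustManager() {
        return new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: accepts any client chain (insecure, demo only).
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: accepts any server chain (insecure, demo only).
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }
}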
Client.java
package com.hmb;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
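/**
 * TLS client for the SSLSocket demo: connects to {@code localhost:9999}, sends one UTF
 * message and prints the reply.
 *
 * <p>The server certificate is validated against the certificates stored in the
 * {@code /seckey} keystore instead of being accepted unconditionally.
 */
public class Client {
    /**
     * Runs one request/response exchange with the demo server.
     *
     * @param args unused
     * @throws NoSuchAlgorithmException if the trust manager algorithm or TLS context is unavailable
     * @throws KeyManagementException if the TLS context cannot be initialised
     * @throws IOException if the keystore resource is missing, or on connection or handshake failure
     * @throws InterruptedException kept for source compatibility; no longer thrown
     * @throws KeyStoreException if the keystore type is unavailable or the trust store cannot be used
     * @throws CertificateException if a certificate in the keystore cannot be loaded
     */
    public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException, InterruptedException, KeyStoreException, CertificateException {
        // NOTE(review): demo-only password, the same one the keystore was generated with.
        char[] storePwd = "123456".toCharArray();

        // Use the demo keystore as the trust store so the handshake succeeds only when the
        // server presents a certificate it contains. The previous accept-everything trust
        // manager let any endpoint answering on the port impersonate the server.
        // NOTE(review): assumes /seckey holds the server's self-signed certificate; confirm.
        // Outside a single-project demo, export only the certificate into a separate trust
        // store so that clients never receive the server's private key.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Client.class.getResourceAsStream("/seckey")) {
            if (in == null) {
                throw new IOException("keystore resource /seckey not found on the classpath");
            }
            trustStore.load(in, storePwd);
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // "TLS" is the standard context name; "SSL" refers to the obsolete protocol family.
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), new SecureRandom());
        SSLSocketFactory factory = context.getSocketFactory();

        // NOTE(review): host name verification is not enabled because the page does not show
        // the certificate's subject. Once the certificate names the host, set the endpoint
        // identification algorithm to "HTTPS" through SSLParameters before the handshake.

        // try-with-resources closes the connection and both streams even when the handshake
        // or the exchange throws. The input stream is created first to match the server,
        // whose ObjectOutputStream constructor sends the stream header immediately.
        // NOTE(review): only readUTF() is used on this stream. Never call readObject() on
        // data from a network peer without an ObjectInputFilter.
        try (SSLSocket socket = (SSLSocket) factory.createSocket("localhost", 9999);
             ObjectInputStream ois = new ObjectInputStream(socket.getInputStream());
             ObjectOutputStream oos = new ObjectOutputStream(socket.getOutputStream())) {
            oos.writeUTF("hello server");
            oos.flush();
            // readUTF() blocks until the reply arrives, so the former fixed 3 s sleep is gone.
            String msg = ois.readUTF();
            System.out.println("server msg:" + msg);
        }
    }
}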
先运行服务端,再运行客户端,运行效果如下


