我建立了一个需要客户端证书认证的WEB站点,但是用我如下JAVA程序进行连接时,始终返回错误的证书提示:
try
{
String sAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
SSLContext ctx = SSLContext.getInstance("SSL");
KeyManagerFactory kmf = KeyManagerFactory.getInstance(sAlgorithm);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(sAlgorithm); KeyStore ks = KeyStore.getInstance("jks");
KeyStore tks = KeyStore.getInstance("jks");
String sCKPass ="[email protected]";
String sCTKPass ="[email protected]"; ks.load(new FileInputStream("d:/appserver.jks"), sCKPass .toCharArray());
tks.load(new FileInputStream("d:/appserver.jks"), sCKPass .toCharArray()); kmf.init(ks, sCKPass.toCharArray());
tmf.init(tks); ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket("127.0.0.1", 443);
socket.startHandshake();
String sAffirmParam = "RequestType=AppConfirm&RequestData=abcd";
Writer out = new OutputStreamWriter(socket.getOutputStream(), "GBK");
out.write("GET /AffirmServer?" + sAffirmParam +
" HTTP/1.1\r\nAccept: */*\r\n");
out.write("Host: 127.0.0.1:443\r\n");
out.write("\r\n");
out.flush();
String sLine = null;
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream(), "GBK"));
while((sLine = in.readLine())!=null){
System.out.println(sLine);
}
}
catch(Exception err)
{
err.printStackTrace();
}其中appserver.jks中包含了客户端密钥和证书,以及服务器端的证书和根证书
执行后的错误消息为:javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate,
但是用openssl生成p12格式的证书并导入的浏览器后,可以与服务器正常通信!但用上面的java客户端却始终不行,不知道是怎么会事呀?
try
{
String sAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
SSLContext ctx = SSLContext.getInstance("SSL");
KeyManagerFactory kmf = KeyManagerFactory.getInstance(sAlgorithm);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(sAlgorithm); KeyStore ks = KeyStore.getInstance("jks");
KeyStore tks = KeyStore.getInstance("jks");
String sCKPass ="[email protected]";
String sCTKPass ="[email protected]"; ks.load(new FileInputStream("d:/appserver.jks"), sCKPass .toCharArray());
tks.load(new FileInputStream("d:/appserver.jks"), sCKPass .toCharArray()); kmf.init(ks, sCKPass.toCharArray());
tmf.init(tks); ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket("127.0.0.1", 443);
socket.startHandshake();
String sAffirmParam = "RequestType=AppConfirm&RequestData=abcd";
Writer out = new OutputStreamWriter(socket.getOutputStream(), "GBK");
out.write("GET /AffirmServer?" + sAffirmParam +
" HTTP/1.1\r\nAccept: */*\r\n");
out.write("Host: 127.0.0.1:443\r\n");
out.write("\r\n");
out.flush();
String sLine = null;
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream(), "GBK"));
while((sLine = in.readLine())!=null){
System.out.println(sLine);
}
}
catch(Exception err)
{
err.printStackTrace();
}其中appserver.jks中包含了客户端密钥和证书,以及服务器端的证书和根证书
执行后的错误消息为:javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate,
但是用openssl生成p12格式的证书并导入的浏览器后,可以与服务器正常通信!但用上面的java客户端却始终不行,不知道是怎么会事呀?
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货