我需要在程序中进行 ssl 握手,以获取有关远程服务器的一些信息,例如公钥和密码套装。我知道一种叫做隐形握手的东西,它不会完成握手,但会像我提到的那样获得所需的信息。任何机构都可以解释如何在 Java 中做到这一点。我试图搜索但无法找到确切的具体方法。
问问题
945 次
2 回答
1
Stelath 模式对此不确定,但我曾经做过类似下面的事情来从服务器检索证书链
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class GetCertificates {
public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException{
String host="google.com";
int port = 443;
SSLContext ssl = SSLContext.getInstance("TLS");
ssl.init(null, new TrustManager[]{new SimpleX509TrustManager()}, null);
SSLSocketFactory factory = ssl.getSocketFactory();
SSLSocket socket = (SSLSocket) factory.createSocket(host,port);
SSLSession session = socket.getSession();
javax.security.cert.X509Certificate[] certs = session.getPeerCertificateChain();
System.out.println(certs[certs.length-1].getSubjectDN());
// you can display certificates info here and also cipher suites
session.getCipherSuite();
session.invalidate();
}
}
class SimpleX509TrustManager implements X509TrustManager {
public void checkClientTrusted(
X509Certificate[] cert, String a)
throws CertificateException {
}
public void checkServerTrusted(
X509Certificate[] cert, String a)
throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
于 2012-08-10T20:57:21.510 回答
1
隐身?从来没有听说过这个。
您可以向您的 ssl 客户端套接字注册一个javax.net.ssl.HandShakeCompletedListener以获取证书等,但在握手完成后
javax.net.ssl.HandShakeCompletedListener 是由任何类实现的接口,这些类希望在给定的 SSLSocket 连接上接收 SSL 协议握手完成的通知。
您还可以通过SSLEngine.
于 2012-08-10T20:49:20.393 回答