我想在 java 中创建 SSL 客户端。我有 SSL 服务器提供的 3 个文件,即: 1. 服务器的公钥:CAfile.pem 2. 客户端的私钥:client.pem 3. 客户端的公钥:client.crt
使用客户端的私钥和公钥,我创建了 1 个作为 pkcs12 文件的密钥库,并使用服务器的公钥创建了 1 个作为 JKS 文件的信任库。然后我设置以下系统属性:
System.setProperty("javax.net.ssl.keyStoreType","pkcs12");
System.setProperty("javax.net.ssl.keyStore",<keystorepath>);
System.setProperty("javax.net.ssl.keyStorePassword",<password>);
System.setProperty("javax.net.ssl.trustStoreType","jks");
System.setProperty("javax.net.ssl.trustStore",<truststorepath>);
System.setProperty("javax.net.ssl.trustStorePassword",<password>);
而且,我的 TLS 握手代码的一部分是:
System.setProperty("jsse.enableSNIExtension", "false");
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(new KeyManager[0], new TrustManager[] {new DefaultTrustManager()}, new SecureRandom());
SSLContext.setDefault(ctx);
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
sslSocket = (SSLSocket) factory.createSocket(socket,socketHost,port,true);
sslSocket.setSoTimeout(timeout);
sslSocket.startHandshake();
但是,在握手时,我遇到了以下错误。
java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:152)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1705)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:972)
at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1087)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1006)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:285)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at com.integra.socket.TestSocket.connectToSocket(TestSocket.java:107)
at com.integra.socket.TestSocket.main(TestSocket.java:57)
请帮忙。
谢谢