1.使用keytool创建密钥对..并在服务端和客户端完成分配..具体方法可参看:java-使用keytool来创建管理密钥及证书等-java学习笔记(3)
2.建立客户端和服务端的socket实例:
客户端代码如下:
public class SSLClient {
public static void startSSLClient() throws IOException {
int port = 15408;//要连接的服务器端口
String serverAdd = "127.0.0.1";//要连接的服务器地址
try {
System.setProperty("javax.net.ssl.trustStore","clientkey.jks");//设置可信任的密钥仓库
System.setProperty("javax.net.ssl.trustStorePassword","sslkey1"); //设置可信任的密钥仓库的密码
SSLSocketFactory sslsf = (SSLSocketFactory)SSLSocketFactory.getDefault();//利用工厂来创建SSLSocket安全套接字
Socket csocket = sslsf.createSocket(serverAdd,port);//创建并连接服务器
System.out.println("Client OK~");
System.out.println("===============");
System.out.println("");
//以下代码同socket通讯实例中的代码
BufferedReader socketIn = new BufferedReader( new InputStreamReader(csocket.getInputStream()));//接受到的信息
PrintStream socketOut = new PrintStream(csocket.getOutputStream());//要发送的信息
BufferedReader userIn = new BufferedReader( new InputStreamReader(System.in));//用户输入信息
String s;
while ( true ) {
System.out.print("Client Message: ");
s = userIn.readLine();
socketOut.println(s);
if ( s.trim().equals("BYE") ) break;
else {
System.out.println("Please wait Server Message..");
System.out.println("");
}
s = socketIn.readLine();
System.out.println("Server Message: " + s);
if ( s.trim().equals("BYE") ) break;
}
socketIn.close();
socketOut.close();
userIn.close();
csocket.close();
}
catch (Exception e) {
System.out.println("Error: " + e);
}
}
public static void main(String[] args) {
try {
startSSLClient();
}
catch (Exception e) {
System.out.println("Error: " + e);
}
}
}
服务端代码如下:(这里像换种方式写..结果写烦了..呵呵)
public class SSLServer {
public static void startSSLServer() throws IOException {
int port = 15408;//监听端口
String keyFile = "serverkey.jks";//密钥库文件
String keyFilePass = "sslkey1";//密钥库的密码
String keyPass = "sslkey1";//密钥别名的密码
SSLServerSocket sslsocket = null;//安全连接套接字
KeyStore ks;//密钥库
KeyManagerFactory kmf;//密钥管理工厂
SSLContext sslc = null;//安全连接方式
//初始化安全连接的密钥
try {
ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyFile), keyFilePass.toCharArray());
kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks,keyPass.toCharArray());
sslc = SSLContext.getInstance("SSLv3");
sslc.init(kmf.getKeyManagers(), null, null);
} catch (KeyManagementException ex) {
Logger.getLogger(SSLServer.class.getName()).log(Level.SEVERE, null, ex);
} catch (UnrecoverableKeyException ex) {
Logger.getLogger(SSLServer.class.getName()).log(Level.SEVERE, null, ex);
} catch (KeyStoreException ex) {
Logger.getLogger(SSLServer.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(SSLServer.class.getName()).log(Level.SEVERE, null, ex);
} catch (CertificateException ex) {
Logger.getLogger(SSLServer.class.getName()).log(Level.SEVERE, null, ex);
}
//用安全连接的工厂来创建安全连接套接字
SSLServerSocketFactory sslssf = sslc.getServerSocketFactory();
sslsocket = (SSLServerSocket) sslssf.createServerSocket(port);//创建并进入监听
System.out.println("Listening...");
SSLSocket ssocket = (SSLSocket)sslsocket.accept();//接受客户端的连接
System.out.println("Server Connection OK~");
System.out.println("========================");
System.out.println("");
//以下代码同socket通讯实例中的代码
BufferedReader socketIn = new BufferedReader(new InputStreamReader(ssocket.getInputStream()));
BufferedReader userIn = new BufferedReader(new InputStreamReader(System.in));
PrintStream socketOut = new PrintStream(ssocket.getOutputStream());
String s;
while (true) {
System.out.println("Please wait client 's message..");
System.out.println("");
s = socketIn.readLine();
System.out.println("Client Message: " + s);
if ( s.trim().equals("BYE") ) break;
System.out.print("Server Message: ");
s = userIn.readLine();
socketOut.println(s);
if ( s.trim().equals("BYE") ) break;
}
socketIn.close();
socketOut.close();
userIn.close();
sslsocket.close();
}
public static void main(String [] args) {
try {
startSSLServer();
}
catch (Exception e) {
System.out.println("Error: " + e);
}
}
}
以上..基本实现了SSL连接..用wireshark抓包比较..证明此方法确实经过加密..比较安全..
