摘要:上文讲了如何使用生成的签名证书进行加密通信,结果客户端告诉我他们用的版本没有类,并且由于一些交易的原因还不能更新没有你总有吧,来吧。
上文讲了netty如何使用openssl生成的签名证书进行加密通信,结果客户端告诉我他们用的netty版本没有SslContextBuilder类,并且由于一些PY交易的原因还不能更新netty....
SslContextBuilder没有java你总有吧,来吧。
一、老规矩,创建key 1.创建客户端和服务端的keystore文件随便找个文件夹就行,打开命令行输入
keytool -genkey -alias sslserver -keystore sslserverkeys keytool -genkey -alias sslclient -keystore sslclientkeys2.将keystore导出证书格式
keytool -export -alias sslserver -keystore sslserverkeys -file sslserver.cer keytool -export -alias sslclient -keystore sslclientkeys -file sslclient.cer3.将客户端证书导入到服务器端信任的 keystore 里,将服务器端证书导入到客户端信任的 keystore 里。
keytool -import -alias sslclient -keystore sslservertrust -file sslclient.cer keytool -import -alias sslserver -keystore sslclienttrust -file sslserver.cer
最后得到有用的文件分别为
服务端:sslserverkeys、sslservertrust
客户端:sslclientkeys、sslclienttrust
public class SecureChatSslContextFactory { private static final String PROTOCOL = "SSL"; private static final SSLContext SERVER_CONTEXT; private static String SERVER_KEY_STORE = ".sslsslserverkeys"; private static String SERVER_TRUST_KEY_STORE = ".sslsslservertrust"; private static String SERVER_KEY_STORE_PASSWORD = "123123123"; private static String SERVER_TRUST_KEY_STORE_PASSWORD = "123123123"; static { String algorithm = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm"); if (algorithm == null) { algorithm = "SunX509"; } SSLContext serverContext; try { KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(SERVER_KEY_STORE), SERVER_KEY_STORE_PASSWORD.toCharArray()); KeyStore tks = KeyStore.getInstance("JKS"); tks.load(new FileInputStream(SERVER_TRUST_KEY_STORE), SERVER_TRUST_KEY_STORE_PASSWORD.toCharArray()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); kmf.init(ks, SERVER_KEY_STORE_PASSWORD.toCharArray()); tmf.init(tks); serverContext = SSLContext.getInstance(PROTOCOL); serverContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); } catch (Exception e) { throw new Error(e); } SERVER_CONTEXT = serverContext; } public static SSLContext getServerContext() { return SERVER_CONTEXT; } }Main.java
public class Main { private static final int m_port = 23333; public void run() throws InterruptedException { EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup) .channel(NioServerSocketChannel.class) .childHandler(new Initializer()); System.out.println("启动了,端口:" + m_port); ChannelFuture f = b.bind(m_port).sync(); f.channel().closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); System.out.println("关闭了"); } } public static void main(String[] args) throws Exception { new Main().run(); } }Initializer.java
public class Initializer extends ChannelInitializerHandler.java{ @Override public void initChannel(SocketChannel ch) throws Exception { ChannelPipeline pipeline = ch.pipeline(); SSLEngine engine = SecureChatSslContextFactory.getServerContext().createSSLEngine(); engine.setUseClientMode(false); engine.setNeedClientAuth(true); pipeline.addLast("ssl", new SslHandler(engine)); pipeline.addLast(new DelimiterBasedFrameDecoder(8192, Delimiters.lineDelimiter())); pipeline.addLast(new StringDecoder()); pipeline.addLast(new StringEncoder()); pipeline.addLast(new Handler()); } }
public class Handler extends SimpleChannelInboundHandler三、客户端代码(git) SecureChatSslContextFactory.java{ @Override public void handlerAdded(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); ctx.writeAndFlush("[SERVER] - " + incoming.remoteAddress() + " 加入 "); } @Override protected void channelRead0(ChannelHandlerContext ctx, String s) throws Exception { Channel incoming = ctx.channel(); System.out.println("收到" + incoming.id() + "消息:" + s); } @Override public void channelActive(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); System.out.println("SimpleChatClient:" + incoming.remoteAddress() + "在线"); } @Override public void handlerRemoved(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); ctx.writeAndFlush("[SERVER] - " + incoming.remoteAddress() + " 离开 "); } @Override public void channelInactive(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); System.out.println(incoming.remoteAddress() + "掉线"); } @Override public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception { Channel incoming = ctx.channel(); System.out.println(incoming.remoteAddress() + "异常"); // 当出现异常就关闭连接 cause.printStackTrace(); ctx.close(); } }
public class SecureChatSslContextFactory { private static final String PROTOCOL = "SSL"; private static final SSLContext CLIENT_CONTEXT; private static String CLIENT_KEY_STORE = ".sslsslclientkeys"; private static String CLIENT_TRUST_KEY_STORE = ".sslsslclienttrust"; private static String CLIENT_KEY_STORE_PASSWORD = "321321321"; private static String CLIENT_TRUST_KEY_STORE_PASSWORD = "321321321"; static { String algorithm = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm"); if (algorithm == null) { algorithm = "SunX509"; } SSLContext clientContext; try { KeyStore ks2 = KeyStore.getInstance("JKS"); ks2.load(new FileInputStream(CLIENT_KEY_STORE), CLIENT_KEY_STORE_PASSWORD.toCharArray()); KeyStore tks2 = KeyStore.getInstance("JKS"); tks2.load(new FileInputStream(CLIENT_TRUST_KEY_STORE), CLIENT_TRUST_KEY_STORE_PASSWORD.toCharArray()); KeyManagerFactory kmf2 = KeyManagerFactory.getInstance(algorithm); TrustManagerFactory tmf2 = TrustManagerFactory.getInstance("SunX509"); kmf2.init(ks2, CLIENT_KEY_STORE_PASSWORD.toCharArray()); tmf2.init(tks2); clientContext = SSLContext.getInstance(PROTOCOL); clientContext.init(kmf2.getKeyManagers(), tmf2.getTrustManagers(), null); } catch (Exception e) { throw new Error(e); } CLIENT_CONTEXT = clientContext; } public static SSLContext getClientContext() { return CLIENT_CONTEXT; }Main.java
public class Main { private static String m_host = "127.0.0.1"; private static int m_prot = 23333; public static void main(String[] args) throws Exception { new Main().run(); } public void run() throws Exception { EventLoopGroup group = new NioEventLoopGroup(); try { Bootstrap bt = new Bootstrap().group(group).channel(NioSocketChannel.class).handler(new Initializer()); Channel channel = bt.connect(m_host, m_prot).sync().channel(); BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); while (true) { channel.writeAndFlush(in.readLine() + " "); } } catch (IOException e) { e.printStackTrace(); } finally { group.shutdownGracefully(); } } }Initializer.java
public class Initializer extends ChannelInitializerHandler.java{ @Override public void initChannel(SocketChannel ch) throws Exception { ChannelPipeline pipeline = ch.pipeline(); SSLEngine engine = SecureChatSslContextFactory.getClientContext().createSSLEngine(); engine.setUseClientMode(true); pipeline.addLast("ssl", new SslHandler(engine)); pipeline.addLast(new DelimiterBasedFrameDecoder(8192, Delimiters.lineDelimiter())); pipeline.addLast(new StringDecoder()); pipeline.addLast(new StringEncoder()); pipeline.addLast(new Handler()); } }
public class Handler extends SimpleChannelInboundHandler{ protected void channelRead0(ChannelHandlerContext channelHandlerContext, String s) throws Exception { System.out.println("收到:" + s); } }
文章版权归作者所有,未经允许请勿转载,若此文章存在违规行为,您可以联系管理员删除。
转载请注明本文地址:https://www.ucloud.cn/yun/67276.html
摘要:前言升级了后台推送接口,使用协议,提高了的最大大小,本文介绍新版实现方法基于框架框架不要使用的类直接发送请求,因为底层虽然使用了,可以设置和,但是超过,链接还是会断开,而官方建议保持长链接所以最好自建长链接,使用底层的类来直接发送请求,并通 前言 Apple 升级了后台推送接口,使用 http2 协议,提高了 payload 的最大大小(4k),本文介绍新版 APNS 实现方法 基于 ...
时间:2018年04月11日星期三 说明:本文部分内容均来自慕课网。@慕课网:https://www.imooc.com 教学源码:https://github.com/zccodere/s... 学习源码:https://github.com/zccodere/s... 第一章:课程介绍 1-1 课程介绍 什么是Netty 高性能、事件驱动、异步非阻塞的IO Java开源框架 基于NIO的客户...
摘要:而我们项目在实测时也是将项目发布到测试服务器,通过模拟工具进行测试连接,当数据格式正常,且业务数据正常,服务器就会对指令执行对应的操作。 阅读本文约5.5分钟 最近又有粉丝加Q群讨论netty整合SSM项目的方式等,我在这里抽了休息日的时候整理一下,一步一步的记录,注意的是,本案例仅实现了用netty整合SSM后与单片机等类TCP应用通信。 SSM + Netty项目结合思路 对于N...
阅读 1639·2023-04-25 20:36
阅读 2047·2021-09-02 15:11
阅读 1176·2021-08-27 13:13
阅读 2653·2019-08-30 15:52
阅读 4586·2019-08-29 17:13
阅读 1000·2019-08-29 11:09
阅读 1490·2019-08-26 11:51
阅读 833·2019-08-26 10:56