当我尝试使用getServerSocket方法初始化SSLServerSocket时,如下所示,其中定义了密钥库:
public static ServerSocket getServerSocket(int port) {
System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
ServerSocket serverSocket = null;
secureRandom = new SecureRandom();
Thread.currentThread().sleep(30000);
secureRandom.nextInt();
setupClientKeyStore();
setupServerKeystore();
setupSSLContext();
SSLServerSocketFactory sf = sslContext.getServerSocketFactory();
serverSocket = sf.createServerSocket(port);
((SSLServerSocket)serverSocket).setNeedClientAuth(true);
}
return serverSocket;
}
private static void setupClientKeyStore() throws GeneralSecurityException, IOException {
clientKeyStore = KeyStore.getInstance("JKS");
KeyStore client = KeyStore.getInstance("JKS");
client.load( new FileInputStream("client.public"), "public".toCharArray() );
KeyStore client1 = KeyStore.getInstance( "JKS" );
client1.load( new FileInputStream("client1.public"), "public".toCharArray() );
KeyStore.Entry clientpublic = client.getEntry("clientpublic", null);
KeyStore.Entry client1public = client1.getEntry("client1public", null);
clientKeyStore.load(null, null);
clientKeyStore.setEntry("clientpublic", clientpublic, null);
clientKeyStore.setEntry("client1public", client1public, null);
}
private static void setupServerKeystore() throws GeneralSecurityException, IOException {
serverKeyStore = KeyStore.getInstance( "JKS" );
serverKeyStore.load( new FileInputStream( "server.private" ),
passphrase.toCharArray() );
}
private static void setupSSLContext() throws GeneralSecurityException, IOException {
TrustManagerFactory tmf = TrustManagerFactory.getInstance( "SunX509" );
tmf.init( clientKeyStore );
KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
kmf.init( serverKeyStore, passphrase.toCharArray() );
sslContext = SSLContext.getInstance("TLS");
sslContext.init( kmf.getKeyManagers(),
tmf.getTrustManagers(),
secureRandom);
}
它引发异常:
trigger seeding of SecureRandom
trigger seeding of SecureRandom
done seeding SecureRandom
done seeding SecureRandom
java.lang.IllegalStateException: SSLContext is not initialized
atcom.sun.net.ssl.internal.ssl.SSLContextImpl.enginegetServerSocketFactory<SSLContextImpl.java.153>
at javax.net.ssl.SSLContext.getServerSocketFactory<SSLContext.java.272>
Allow unsafe renegotiation: false
Allow legacy hello message: true
Is initial handshake: true
Is secure renegotiation: false
我不明白为什么它两次将“ SecureRandom的触发种子”和“已完成SecureRandom的种子”放入两次。
显然,输出出现了两次,因为您同时在两个线程中运行此代码。我建议您在两个线程中也使用相同的Runnable,这将完全解释此故障。
在nextInt()之前不需要睡眠。我不明白您为什么也将KeyStore条目设置为null。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句