1.建立密鑰庫：

keytool -genkey -v -keyalg RSA -alias test -keystore sslkeystore

其中；－keyalg RSA表示密鑰算法RSA，-alias test 表示別名test，-keystore sslkeystore 表示密鑰庫名為sslkeystore

2. 制作 證書文件：制作證書是從密鑰庫輸出特定別名的證書，保存到證書文件test.cer中。

keytool -export -alias test -file test.cer -keystore sslkeystore

3.將證書文件test.cer導入自己的密鑰庫test:

keytool -import -alias test -file test.cer -keystore test

4.SSL服務端程序：

SSLServerExample.java

package com.cjq.save;

import java.io.IOException;

import java.io.PrintWriter;

import java.net.ServerSocket;

import java.net.Socket;

import javax.net.ssl.SSLServerSocketFactory;

//SSL服務器端程序

public class SSLServerExample {

public static void main(String[] args) throws IOException{

System.setProperty("javax.net.ssl.keyStore","sslkeystore");

System.setProperty("javax.net.ssl.keyStorePassword", "123456");

//創建SSLServerSocketFactory類對象。利用getDefault()方法建立一個強制轉換成的SSLServerSocketFactory類對象

SSLServerSocketFactory sslsf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();

//建立服務器套接口ServerSocket類對象，其端口8080

ServerSocket ss = sslsf.createServerSocket(8080);

System.out.println("Waiting for connection...");

while(true){

Socket s= ss.accept();

System.out.println("Client connection made");

//

PrintWriter out = new PrintWriter(s.getOutputStream());

out.println("HI");

System.out.println("HI is sent to client");

out.close();

s.close();

}

}

}

5.SSL客戶端程序：

SSLClientExample.java:

package com.cjq.save;

import java.io.BufferedReader;

import java.io.IOException;

import java.io.InputStreamReader;

import java.net.Socket;

import javax.net.ssl.SSLSocketFactory;

//SSL客戶端程序

public class SSLClientExample {

public static void main(String[] args) throws IOException{

//

System.setProperty("javax.net.ssl.trustStore", "test");

System.setProperty("javax.net.ssl.keyStorePassword", "123456");

SSLSocketFactory sslsf = (SSLSocketFactory)SSLSocketFactory.getDefault();

Socket s = sslsf.createSocket("127.0.0.1",8080);

System.out.println("the connection is ok");

BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()));

System.out.println(in.readLine());

in.close();

s.close();

System.out.println("the connection is close");

}

}

6.運行程序：

cmd窗口運行，且程序中System.setProperty(..,...)的代碼是不存在的時候：

java ?-Djavax.net.ssl.keyStore=sslkeystore -Djava.net.ssl.keyStorePassword=123456?SSLClientExample

則會出現錯誤：

Exception in thread "main" java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

at javax.net.ssl.DefaultSSLServerSocketFactory.throwException(Unknown Source)

at javax.net.ssl.DefaultSSLServerSocketFactory.createServerSocket(Unknown Source)

at com.cjq.save.SSLServerExample.main(SSLServerExample.java:16)

Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

at java.security.Provider$Service.newInstance(Unknown Source)

at sun.security.jca.GetInstance.getInstance(Unknown Source)

at sun.security.jca.GetInstance.getInstance(Unknown Source)

at javax.net.ssl.SSLContext.getInstance(Unknown Source)

at javax.net.ssl.SSLContext.getDefault(Unknown Source)

at javax.net.ssl.SSLServerSocketFactory.getDefault(Unknown Source)

at com.cjq.save.SSLServerExample.main(SSLServerExample.java:14)

Caused by: java.security.UnrecoverableKeyException: Password must not be null

at sun.security.provider.JavaKeyStore.engineGetKey(Unknown Source)

at sun.security.provider.JavaKeyStore$JKS.engineGetKey(Unknown Source)

at java.security.KeyStore.getKey(Unknown Source)

at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.(Unknown Source)

at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(Unknown Source)

at javax.net.ssl.KeyManagerFactory.init(Unknown Source)

at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultKeyManager(Unknown Source)

at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.(Unknown Source)

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)

at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)

at java.lang.reflect.Constructor.newInstance(Unknown Source)

at java.lang.Class.newInstance0(Unknown Source)

at java.lang.Class.newInstance(Unknown Source)

... 7 more

原因是密碼為空，但實際上參數中有“-Djava.net.ssl.keyStorePassword=123456”這個，密碼不應該為空， 卻報空， 目前不解。

但將java 之后兩個參數寫在程序中：

System.setProperty("javax.net.ssl.keyStore","sslkeystore");

System.setProperty("javax.net.ssl.keyStorePassword", "123456");則正常運行。

總結

以上是生活随笔為你收集整理的java密钥库文件存在但为空_java安全套接层SSL示例的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。