Communication with server that support ssl in java -


i have question sslconnectionin java , write below code client side ( application have connect server, have server support ssl )but error” javax.net.ssl.sslexception: connection has been shutdown: javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target”

how can resolve problem ? 

  public static void main(string[] args)  {               bufferedreader in = new bufferedreader(                  new inputstreamreader(system.in));               printstream out = system.out;               sslsocketfactory f =                   (sslsocketfactory) sslsocketfactory.getdefault();               try {                  sslsocket c =                    (sslsocket) f.createsocket("192.168.10.38", 7701);                    printsocketinfo(c);                    system.out.println("end printsocketinfo");                    c.starthandshake();                    system.out.println("handshake ok");                     bufferedwriter w = new bufferedwriter(                     new outputstreamwriter(c.getoutputstream()));                    bufferedreader r = new bufferedreader(                     new inputstreamreader(c.getinputstream()));                    string m = null;                 // string m=                  while ((m=r.readline())!= null) {                      system.out.println("11111");                     out.println(m);                     m = in.readline();                     system.out.println("m is:  "+ m);                     w.write(m,0,m.length());                     w.newline();                     w.flush();                  }                  w.close();                  r.close();                  c.close();               } catch (ioexception e) {                  system.err.println(e.tostring());               }     }       private static void printsocketinfo(sslsocket s) {           system.out.println("socket class: "+s.getclass());           system.out.println("   remote address = "              +s.getinetaddress().tostring());           system.out.println("   remote port = "+s.getport());           system.out.println("   local socket address = "              +s.getlocalsocketaddress().tostring());           system.out.println("   local address = "              +s.getlocaladdress().tostring());           system.out.println("   local port = "+s.getlocalport());           system.out.println("   need client authentication = "              +s.getneedclientauth());           sslsession ss = s.getsession();           system.out.println("   cipher suite = "+ss.getciphersuite());           system.out.println("   protocol = "+ss.getprotocol());        }

i have certificate file, how have use certificate?

best regards

is self signed certificate

if yes have 2 options first option :

import certificate authority certificate in global java certificate trust store. store located @ 

%java installation%/jre/lib/security/cacerts

to import can use keytool command comes java installation

keytool -import -alias keyname -file yourcertificate.crt -keystore cacerts

advantage:

  • no code modification needed.
  • simple deploy

disadvantage:

  • cacert file overwritten in next java update. have import certificate again.
  • requires administrative privileges (both on linux , windows)

second option :

if want bypass certificate validation follow java: overriding function disable ssl certificate check

else create new trust store program 

keytool -import -alias keyname -file yourcertificate.crt -keystore yourtruststore

this command ask password 2 times. enter password want , input "yes" questions file created @ current directory name "yourtruststore"

now need use trust store in program 

sslsocketfactory sslfactory = null; inputstream truststore = null; keystore keystore = null; truststore = new fileinputstream("<your trust store absolute path>"); keystore = keystore.getinstance(keystore.getdefaulttype()); keystore.load(truststore, "<your trust store password>".tochararray()); trustmanagerfactory tmf = trustmanagerfactory.getinstance(trustmanagerfactory.getdefaultalgorithm()); tmf.init(keystore); sslcontext ctx = sslcontext.getinstance("tls"); ctx.init(null, tmf.gettrustmanagers(), null); sslfactory = ctx.getsocketfactory();

you can use socket factory open new sockets


Comments

Post a Comment

Popular posts from this blog

commonjs - How to write a typescript definition file for a node module that exports a function? -

consider, toml node module can use: // toml.d.ts declare module toml { export function parse(value:string):any; } declare module "toml" { export = toml; } then: /// <reference path="../../../../../defs/toml/toml.d.ts"/> import toml = require('toml'); toml.parse(...); however, node module export single function, such 'glob' ( https://github.com/isaacs/node-glob ). the node usage of module be: var glob = require("glob") glob("*.js", {}, callback(err, files) { ... }); you'd naively expect this: // glob.d.ts declare function globs(paths:string, options:any, callback:{(err:any, files:string[]):void; ...but because typescripts 'import' semantics bit strange, seems can use 'import .. = require()' statement alias modules . trying call: /// <reference path="../../../../../defs/glob/glob.d.ts"/> import blog = require('glob'); results in: error ts2072: mod
Read more

openid - Okta: Failed to get authorization code through API call -

i'm integrating okta own idp server using okta's api. i'm implementing authorization code flow following steps below: in own server, use /api/v1/authn endpoint sessiontoken. use sessiontoken obtain authorization calling endpoint: /oauth2/v1/authorize?client_id=" + clientid + "&sessiontoken=" + sessiontoken + "&response_type=code&response_mode=query&scope=openid&redirect_uri=" + redirecturl + "&state=evanyang&nonce=" it's supposed return response status code 302 , location header containing redirect url code value. however, keep getting response status code 200 , without location header, html body saying "you using unsupported browser." , "javascript disabled on browser." according api documentation: http://developer.okta.com/docs/api/resources/oidc.html#authentication-request , sessiontoken parameter sufficient this: an okta one-time sessiontoken. allows api-based
Read more

thorough guide for profiling racket code -

did googling ("racket profiling", "racket measure performance"), didn't find , there no examples in docs. did google "profile" search on htdp - no luck. (profile (f ...)) output isn't obvious other small snippets. ideally want python's python -m cprofile usage examples. when search "python profiling", both duckduckgo , google give top result: 26.4. python profilers . (although scanned quickly, seems more of reference "thorough usage guide" examples. if had else in mind, perhaps please link that?) the equivalent racket documentation be: profile: statistical profiler . a usage example: #lang racket (require profile) (profile-thunk (thunk (function-to-profile arg0 arg1) )) here (thunk e) convenience (lambda () e) . bigger example: #lang racket (module mod racket (provide f) (define (f) (for/list ([i 10000]) i))) (require (prefix-in mod: 'mod)) (define (f) (for ([i 10000
Read more