-1
Я построил SSL-приложение клиент-сервер, в котором хочу сделать несколько тестов, но у меня проблемы с клиентом. Сервер работает нормально, но когда я пытаюсь запустить клиент у меня есть это сообщение:Java SSL Client - Сервер: не удалось найти действительную сертификацию
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at java.io.OutputStream.write(Unknown Source)
at ssl.Client.main(Client.java:17)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 10 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 16 more
Сервер:
package ssl;
import java.io.PrintStream;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
public class Server {
private static final String HOST = "localhost";
private static final int PORT = 3443;
public static void main(String[] args) throws Exception {
System.setProperty("javax.net.ssl.keyStore", "DebKeyStore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "iliebc");
SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
ServerSocket ss = ssf.createServerSocket(PORT, 0, InetAddress.getByName(HOST));
System.out.println("Server started on port " + PORT);
while (true) {
Socket s = ss.accept();
SSLSession session = ((SSLSocket) s).getSession();
//System.out.println(session.getLocalCertificates());
Certificate[] cchain2 = session.getLocalCertificates();
for (int i = 0; i < cchain2.length; i++) {
System.out.println(((X509Certificate) cchain2[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in " + session.getLastAccessedTime());
PrintStream out = new PrintStream(s.getOutputStream());
out.println("Hi");
out.close();
s.close();
}
}
}
Клиент:
package ssl;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.Socket;
import javax.net.ssl.SSLSocketFactory;
public class Client {
private static final String HOST = "localhost";
private static final int PORT = 3443;
public static void main(String[] args) throws Exception {
SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault();
Socket socket = sf.createSocket(InetAddress.getByName(HOST), PORT);
OutputStream out = socket.getOutputStream();
System.out.println(out);
out.write("\nConnection established.\n\n".getBytes());
out.flush();
int theCharacter = 0;
theCharacter = System.in.read();
while (theCharacter != '~') { // The '~' is an escape character to exit
out.write(theCharacter);
out.flush();
theCharacter = System.in.read();
}
out.close();
socket.close();
}
}
Как я могу решить это исключение ?
Где вы получить сертификат? – mattm
Я делаю это с помощью keytool: keytool -genkey -alias localhost -keyalg RSA -keystore keystore.jks -keysize 2048 – Doro
Не обрезайте сообщения об ошибках и не ругайте их. – EJP