Using Self Signed certificate in java

*爱你&永不变心* 提交于 2019-12-11 04:41:45

问题


I want to connect to a sms gateway. I found the following code.

public void smsSender(String username, String password, String to,
        String text) throws IOException {

    try {
        String data = "username=" + username + "&password=" + password
                + "&to=" + to + "&text=" + text;

        URL url = new URL("https://sendsms.abc.com:1010/sms.php");

        HttpURLConnection urlc = (HttpURLConnection) url.openConnection();
        urlc.setRequestMethod("POST");
        urlc.setDoOutput(true);
        urlc.setRequestProperty("Content-type",
                "application/x-www-form-urlencoded");

        BufferedWriter br = new BufferedWriter(new OutputStreamWriter(
                urlc.getOutputStream()));

        br.write(data);
        br.flush();

        BufferedReader rd = new BufferedReader(new InputStreamReader(
                urlc.getInputStream()));
        String line;
        while (null != ((line = rd.readLine()))) {
            output = line;
            System.out.println(output);
        }

        rd.close();
    } catch (Exception e) {
        e.printStackTrace();
    }
}

When i try to connect using this method Eclipse sends an error message.

unable to find valid certification path to requested target

The server that i'm trying to access is using self signed certificate. I'm new to this field. How can i solve this problem. Thanks in advance :)


回答1:


To make remote method invocations over SSL, a client needs to trust the certificate of the server. As you said the server has a self-signed certificate, you client needs to be explicitly configured to trust the certificate else the connection fails. To create a trust relationship between a client and server's self-signed certificate, follow the steps mentioned below,

  1. First you should get the server certificate on your client side.
    For that the way I know of is, i.e. hit the server url in a browser and get the server's certificate and import it in the browser. There might be other ways of getting the server certificate but you'll have to explore.

  2. Now export the public key as a certificate from the browser to the client. let it be server.cer.

  3. Now, create the client keystore

    keytool -genkey -alias clientkeys -keyalg RSA -keystore client.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, S=MYSTATE, C=MY"

  4. create the client certificate

    keytool -export -alias clientkeys -keystore client.keystore -storepass 123456 -file client.cer

  5. Now, import the server certificate to the client trust store.

    keytool -import -alias serverCert -keystore client.truststore -storepass clientcert -file server.cer

  6. now load the client keystore as mentioned in erickson's comment in the link provided by Werner.

Let me know if things are still not clear. But I suggest you read some documentation on google related to SSL Handshaking between a client and a server.



来源:https://stackoverflow.com/questions/13015910/using-self-signed-certificate-in-java

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!