简单的Java HTTPS服务器 [英] Simple Java HTTPS server
问题描述
我需要为Java应用程序设置一个非常轻量级的HTTPS服务器。它是我们开发实验室中使用的模拟器,用于模拟野外设备接受的HTTPS连接。因为它纯粹是一种轻量级的开发工具,并且完全不以任何方式用于生产,所以我很乐意绕过认证和尽可能多的谈判。
I need to setup a really lightweight HTTPS server for a Java application. It's a simulator that's being used in our development labs to simulate the HTTPS connections accepted by a piece of equipment in the wild. Because it's purely a lightweight development tool and isn't used in production in any way at all I'm quite happy to bypass certifications and as much negotiation as I can.
我打算在Java 6 SE中使用 HttpsServer
类,但我很难让它运行起来。作为测试客户端,我在cygwin命令行中使用 wget
( wget https:// [地址]:[端口]
)但是 wget
报告它无法建立SSL连接。
I'm planning on using the HttpsServer
class in Java 6 SE but I'm struggling to get it working. As a test client I'm using wget
from the cygwin command line (wget https://[address]:[port]
) but wget
reports that it was "Unable to establish SSL connection".
如果我运行 wget
使用 -d
选项进行调试它告诉我SSL握手失败。
If I run wget
with the -d
option for debugging it tells me "SSL handshake failed".
我花了30分钟谷歌搜索这一切似乎只是指向描述方法的相当无用的Java6文档,但实际上并没有谈论如何让讨论的事情或提供任何示例完全没有代码。
I've spent 30 minutes googling this and everything seems to just point back to the fairly useless Java6 documentation that describes the methods but doesn't actually talk about how to get the darn thing talking or provide any example code at all.
任何人都可以向我推进正确的方向吗?
Can anyone nudge me in the right direction?
推荐答案
我最终使用的是:
try
{
// setup the socket address
InetSocketAddress address = new InetSocketAddress ( InetAddress.getLocalHost (), config.getHttpsPort () );
// initialise the HTTPS server
HttpsServer httpsServer = HttpsServer.create ( address, 0 );
SSLContext sslContext = SSLContext.getInstance ( "TLS" );
// initialise the keystore
char[] password = "simulator".toCharArray ();
KeyStore ks = KeyStore.getInstance ( "JKS" );
FileInputStream fis = new FileInputStream ( "lig.keystore" );
ks.load ( fis, password );
// setup the key manager factory
KeyManagerFactory kmf = KeyManagerFactory.getInstance ( "SunX509" );
kmf.init ( ks, password );
// setup the trust manager factory
TrustManagerFactory tmf = TrustManagerFactory.getInstance ( "SunX509" );
tmf.init ( ks );
// setup the HTTPS context and parameters
sslContext.init ( kmf.getKeyManagers (), tmf.getTrustManagers (), null );
httpsServer.setHttpsConfigurator ( new HttpsConfigurator( sslContext )
{
public void configure ( HttpsParameters params )
{
try
{
// initialise the SSL context
SSLContext c = SSLContext.getDefault ();
SSLEngine engine = c.createSSLEngine ();
params.setNeedClientAuth ( false );
params.setCipherSuites ( engine.getEnabledCipherSuites () );
params.setProtocols ( engine.getEnabledProtocols () );
// get the default parameters
SSLParameters defaultSSLParameters = c.getDefaultSSLParameters ();
params.setSSLParameters ( defaultSSLParameters );
}
catch ( Exception ex )
{
ILogger log = new LoggerFactory ().getLogger ();
log.exception ( ex );
log.error ( "Failed to create HTTPS port" );
}
}
} );
LigServer server = new LigServer ( httpsServer );
joinableThreadList.add ( server.getJoinableThread () );
}
catch ( Exception exception )
{
log.exception ( exception );
log.error ( "Failed to create HTTPS server on port " + config.getHttpsPort () + " of localhost" );
}
生成密钥库:
$ keytool -genkey -alias alias -keypass simulator \
-keystore lig.keystore -storepass simulator
参见这里。
潜在的storepass和keypass可能会有所不同,在这种情况下 ks.load
和 kmf.init
必须分别使用storepass和keypass。
Potentially storepass and keypass might be different, in which case the ks.load
and kmf.init
must use storepass and keypass, respectively.
这篇关于简单的Java HTTPS服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!