如何从 Java SSLSocket 访问最终协商的协议和密码? [英] How to access final negotiated protocol and cipher from Java SSLSocket?
问题描述
我一直在尝试组合一个小型的基于 Java 的 HTTPS/SSL 服务器,主要是为了尝试获得一些对于我们的测试/诊断目的来说相当可移植的东西.
I have been working on trying to put together a small Java-based HTTPS/SSL server, mainly to try to get something that can be fairly portable for our testing/diagnostics purposes.
基于这里的示例,我得到了这样一个服务器应用程序:
I got such a server app working, based on the example here:
http://www.mybinarylife.net/2012/06/java-ssl-threaded-echo-server.html
但是,正如我所说,我想要的一件事是该服务器应用程序将为每个传入连接输出最终协商的协议和密码信息,类似于 Apache 自定义日志记录如何输出协议和密码信息,如上所述本页:
But, as I said, one of the things I want is that this server app will output the final negotiated protocol and cipher information for each incoming connection, similar to how Apache custom logging can output the protocol and cipher information as described on this page:
https://isc.sans.edu/forums/diary/Logging+SSL/18847/
In Apache, you can log the protocol version and cipher easily by logging the respective environment variable [1] . For example:
CustomLog logs/ssl_request_log "%t %h \"{User-agent}i\" %{SSL_PROTOCOL}x %{SSL_CIPHER}x "
Logs SSL protocol and cipher.
但我没有看到任何方法或任何可以在基于 Java 的应用程序中获取该信息的方法?
but I don't see any methods or anything that would get that information in a Java-based application?
SSLSocket 有获取 ENABLED 协议等的方法,但似乎没有任何获取最终协商协议和密码的方法.
SSLSocket has methods for getting ENABLED protocols, etc., but doesn't seem to have any methods for getting the final, negotiated protocol and cipher.
有谁知道这在 Java 中是否可行,如果可以,我该怎么做?
Does anyone know if this is possible in Java, and if so, how can I do that?
谢谢!!
吉姆
推荐答案
我终于找到了问题的答案.基本上就是这里所说的:
I've finally found the answer to my question. It's basically what was said here:
从客户端上的 SSLSocket 获取 SSLSession 并使用其 getProtocol() 方法.
Get the SSLSession from your SSLSocket on your client and use its getProtocol() method.
我能够使用 SSLSocket 上的 getSession() 方法获取 SSLSession,然后使用 SSLSession 的 getProtocol() 和 getCipherSuite() 方法获取我想要的信息.
I was able to use the getSession() method on the SSLSocket to get the SSLSession, and then used the getProtocol() and getCipherSuite() method of the SSLSession to get the info that I wanted.
吉姆
这篇关于如何从 Java SSLSocket 访问最终协商的协议和密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
