Java 和 SSL - java.security.NoSuchAlgorithmException [英] Java and SSL - java.security.NoSuchAlgorithmException
问题描述
我已经构建了一个 Java 程序作为服务器上数据库的前端,并且我正在尝试使用 SSL 来加密客户端和服务器之间的流量.这是我为创建服务器证书而发出的命令:
I've built a Java program as a front end for a database on a server, and I'm trying to use SSL to encrypt traffic between clients and the server. Here is the command I issued to create the server certificate:
keytool -genkey -alias localhost -keyalg RSA -keypass kpass123 -storepass kpass123 -keystore keystore.jks
相关代码如下:
System.setProperty("javax.net.ssl.keyStore",
"G:/Data/Android_Project/keystore.jks");
System.setProperty("javax.net.ssl.keyPassword", "kpass123");
SSLServerSocketFactory factory =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket accessSocket =
(SSLServerSocket)factory.createServerSocket(DB_ACCESS_PORT);
当我尝试运行它时,我发现了:
When I try to run this, I catch this:
java.security.NoSuchAlgorithmException:构建实现时出错(算法:默认,提供者:SunJSSE,类:com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
我还发现KeyPairGenerator"服务有可用的算法 DIFFIEHELLMAN、DSA、RSA,而SSLContext"有算法 SSL、TLS、SSLV3、DEFAULT、TLSV1.
I've also found that the "KeyPairGenerator" service has algorithms DIFFIEHELLMAN, DSA, RSA available to it, while "SSLContext" has algorithms SSL, TLS, SSLV3, DEFAULT, TLSV1.
我是否需要找到某种方式将 RSA 安装到 SSLContext 服务中?我什至在看正确的服务吗?我不应该使用 RSA 吗?
Do I need to find some way to install RSA into the SSLContext service? Am I even looking at the correct services? Should I not be using RSA?
我对 SSL - 安全 - 证书这件事还不熟悉,当这些不同的服务应该访问相同的证书时,它们中的每一个都没有相同的算法,这让我大吃一惊.
I'm new to the whole SSL - Security - Certificates thing, and it just blows me away that each of these different services don't have the same algorithms when they are supposed to be accessing the same certificates.
推荐答案
Try javax.net.ssl.keyStorePassword 而不是 javax.net.ssl.keyPassword:JSSE ref 中没有提到后者指南.
Try javax.net.ssl.keyStorePassword instead of javax.net.ssl.keyPassword: the latter isn't mentioned in the JSSE ref guide.
您提到的算法应该使用默认安全提供程序默认存在.NoSuchAlgorithmException 通常是由其他底层异常(未找到文件、错误密码、错误密钥库类型等)引起的.查看完整的堆栈跟踪很有用.
The algorithms you mention should be there by default using the default security providers. NoSuchAlgorithmExceptions are often cause by other underlying exceptions (file not found, wrong password, wrong keystore type, ...). It's useful to look at the full stack trace.
您也可以使用 -Djavax.net.debug=ssl,或者至少使用 -Djavax.net.debug=ssl,keymanager,来获取更多调试信息,如果堆栈跟踪中的信息不足.
You could also use -Djavax.net.debug=ssl, or at least -Djavax.net.debug=ssl,keymanager, to get more debugging information, if the information in the stack trace isn't sufficient.
这篇关于Java 和 SSL - java.security.NoSuchAlgorithmException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
