如何保护客户端/服务器套接字通信 [英] How to secure a client/ server socket communication

问题描述

假设客户端和服务器应用程序在不同的计算机上运行

Assume that client and server apps are running on different machine

今天：

// Server will receive the request and cast it as needed
ProxyResponse message = (ProxyResponse) objStream.readObject();

// Update message with some content
...

// Sent it back to client
ObjectOutputStream oos = new ObjectOutputStream(toClient);
oos.writeObject(message);

我想进一步加强这一点，以确保发出的数据以某种方式受到保护。您如何推荐我接近这个？

I'd like to further enhance this to make sure data sent out is somehow protected. How would you recommend i approach this?

我正在寻找一个例子，说明客户端和服务器之间传递的数据如何在两端加密和解密并通过SSL发送。

I am looking for an example of how data passed between client an server be encrypted and decrypted on both ends and sent over an SSL.

推荐答案

JDK 提供了一个SSL套接字实现，似乎是一个合适的起点。它很容易使用。

The JDK provides an SSL socket implementation that seems an appropriate place to start. It's straightforward to use.

最初，你可能有这样的代码：

Originally, you probably have code like this:

final SocketFactory factory = SocketFactory.getDefault();
final Socket socket = factory.createSocket(host, port);

您只需更改工厂：

final SocketFactory factory = SSLSocketFactory.getDefault();
final Socket socket = factory.createSocket(host, port);

ServerSocketFactory 也是如此。

这篇关于如何保护客户端/服务器套接字通信的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！