HTTPS を使用して相互ハンドシェイクを完了しようとすると、次の問題に直面しています。
main, READ: TLSv1.2 Handshake, length = 30
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA1withRSA, SHA1withDSA, SHA1withECDSA, SHA256withRSA, Unknown (hash:0x4, signature:0x2), SHA256withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA
Cert Authorities:
<Empty>
main, READ: TLSv1.2 Handshake, length = 4
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
私のJAVAクラスは次のとおりです
public class ClientCustomSSL {
@SuppressWarnings("deprecation")
public final static void main(String[] args) throws Exception {
// Trust own CA and all self-signed certs
final String CLIENT_KEYSTORE = "yourkeystore.jks";
final String CLIENT_TRUSTSTORE = "catruststore.jks";
final char[] KEYPASS_AND_STOREPASS_VALUE = "Hello1".toCharArray();
System.setProperty("https.protocols", "TLSv1");
//SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keystore, keyPassword)(YK,"Hello1".toCharArray(),"Hello1".toCharArray()).loadTrustMaterial(CA, "Hello1".toCharArray(), (TrustStrategy) new TrustSelfSignedStrategy()).build();
KeyStore clientTrustStore = getStore(CLIENT_TRUSTSTORE, KEYPASS_AND_STOREPASS_VALUE);
KeyStore clientKeyStore = getStore(CLIENT_KEYSTORE, KEYPASS_AND_STOREPASS_VALUE);
SSLContext sslContext = SSLContexts.custom().loadKeyMaterial(clientKeyStore, "Hello1".toCharArray()).loadTrustMaterial(clientTrustStore,(TrustStrategy) new TrustSelfSignedStrategy()).build();
CloseableHttpClient httpclient = HttpClients.custom().setSSLContext(sslContext).build();
System.out.println("SSLCONETXT **** " + sslContext.getProvider());
try {
HttpGet httpget = new HttpGet("https://myserver:10220");
CloseableHttpResponse response = httpclient.execute(httpget);
try {
System.out.println("Inside TRY blcok");
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
EntityUtils.consume(entity);
} catch (Exception e) {
e.getMessage();
e.printStackTrace();
}
finally {
response.close();
}
} finally {
httpclient.close();
}
}
public static KeyStore getStore(final String storeFileName, final char[] password) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException
{
final String JAVA_KEYSTORE = "jks";
final KeyStore store = KeyStore.getInstance(JAVA_KEYSTORE);
URL url = ClientCustomSSL.class.getClassLoader().getResource(storeFileName);
String workingDir = System.getProperty("user.dir");
System.out.println("Current working directory : " + workingDir);
System.out.println("Value of URL *** " + url);
InputStream inputStream = url.openStream();
try {
store.load(inputStream, password);
} finally {
inputStream.close();
}
return store;
}
}
私はjarファイルを準備し、UNIXボックスからこれをテストしています
次のコマンドを使用 java -Djavax.net.debug=ssl -cp snSSLclientTrustWithStoreCCC.jar cassandra.cass.ClientCustomSSL
SSL ハンドシェイク中にJavaがクライアント証明書を送信しないのはなぜですか? また、ブルーノが言及したすべての手順を完了しました。
ここで何が欠けているのかわかりません。どんな助けでも大歓迎です