SSL套接字php代码需要转换为Java

您将需要在类路径中使用Bouncy Castle 。

 PEMReader pr = new PEMReader(new FileReader("cert.pem")); X509Certificate cert = (X509Certificate) pr.readObject(); PEMReader kr = new PEMReader(new FileReader("privkey.pem"), new PasswordFinder() { public char[] getPassword() { return "passphase".toCharArray(); } }); KeyPair key = (KeyPair) kr.readObject(); KeyStore ksKeys = KeyStore.getInstance("JKS"); ksKeys.load(null, "passphase".toCharArray()); ksKeys.setCertificateEntry("MyCert", cert); ksKeys.setKeyEntry("Mykey", key.getPrivate(), "passphase".toCharArray(), new Certificate[]{cert}); KeyManagerFactory kmf = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm()); kmf.init(ksKeys, "passphase".toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm()); tmf.init(ksKeys); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); Socket socket = sslContext.getSocketFactory().createSocket( "localhost", 4433); BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); PrintWriter out = new PrintWriter(new OutputStreamWriter( socket.getOutputStream())); out.println("Hello World"); System.out.println(in.readLine()); out.close(); in.close(); 

如果你运行openssl s_server -Verify cert.pem -cert cert.pem -key privkey.pem ，它应该显示：

 depth=0 /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd verify error:num=18:self signed certificate verify return:1 depth=0 /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd verify return:1 Hello World DONE shutting down SSL CONNECTION CLOSED ACCEPT