SSL Java java.io.IOException:无效的密钥库格式
我在java中使用SSLServerSocket和java.ssl包中的其他类测试SSL。 当我运行以下代码时,我得到exceptionjava.io.IOException:无效的密钥库格式。 我的代码:
package testing; import java.io.BufferedReader; import java.io.FileInputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.io.PrintWriter; import java.net.Socket; import java.security.KeyStore; import javax.net.ServerSocketFactory; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLServerSocket; import javax.net.ssl.TrustManager; public class SSLServerTest { public static void main(String[] args) { try { int port = 3000; SSLContext sc = SSLContext.getInstance("TLSv1.2"); KeyStore ks = KeyStore.getInstance("JKS"); InputStream ksIs = new FileInputStream("key.txt"); try { ks.load(ksIs, "Bennett556".toCharArray()); } finally { if (ksIs != null) { ksIs.close(); } } KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "Bennett556".toCharArray()); sc.init(kmf.getKeyManagers(), new TrustManager[] {}, null); ServerSocketFactory ssocketFactory = sc.getServerSocketFactory(); SSLServerSocket ssocket = (SSLServerSocket) ssocketFactory .createServerSocket(port); ssocket.setEnabledProtocols(new String[] { "SSLv3" }); Socket socket = ssocket.accept(); BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); PrintWriter out = new PrintWriter(socket.getOutputStream()); out.println("Hello, Securly!"); out.close(); in.close(); out.close(); } catch (Exception e) { e.printStackTrace(); } } }
文件key.txt:1268312345812304612348712634283427346我猜我应该在key.txt文件中添加其他内容,但我不知道该放入什么内容。 可能是一个被玷污的物体。
编辑:客户代码:
package testing; import java.io.BufferedReader; import java.io.FileInputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.security.KeyStore; import javax.net.SocketFactory; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; public class SSLClientTest { public static void main(String[] args) { int port = 3000; String host = "localhost"; try { SSLContext sc = SSLContext.getInstance("TLSv1.2"); KeyStore ks = KeyStore.getInstance("JKS"); InputStream ksIs = new FileInputStream("key.txt"); try { ks.load(ksIs, "Bennett556".toCharArray()); } finally { if (ksIs != null) { ksIs.close(); } } KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "Bennett556".toCharArray()); sc.init(kmf.getKeyManagers(), new TrustManager[] {}, null); SocketFactory factory = sc.getSocketFactory(); SSLSocket socket = (SSLSocket) factory.createSocket(host, port); socket.startHandshake(); BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); String str = ""; while ((str = in.readLine()) != null) System.out.println(str); in.close(); socket.close(); } catch (Exception e) { e.printStackTrace(); } } }
您的文件无效。 您必须导入JKS密钥库文件而不是txt密钥库文件。 您必须使用keytool创建密钥库文件,然后导入此文件。
使用以下代码load keystore
时,我遇到了同样的问题:
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); Resource resource = new ClassPathResource(file); trustStore.load(resource.getInputStream(), password.toCharArray());
它原来是JDK问题,它不适用于jre1.8.0_25
。 当我将JDK版本升级到最新的jre1.8.0_121
,它可以工作。
我看到了这个例外:
密钥库格式无效
在CentOS 6.6 64位Linux上使用JRE-1.8.0_40运行java应用程序时。
在使用JRE-1.8.0_172时,exception消失了。