Tag: ssl certificate
Bing Azure搜索API
我正在尝试连接到Bing搜索API并且无法使代码生效。 我搜索了问题,找不到工作代码。 这是我的代码: import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.MalformedURLException; import java.net.URL; import org.apache.commons.codec.binary.Base64; public class BSearch{ public static void main(String[] args) { // TODO Auto-generated method stub //————————————–Bing search—————————— String searchText = “barack”; searchText = searchText.replaceAll(” “, “%20″); String accountKey=”MYACCOUNTKEY”; byte[] accountKeyBytes = Base64.encodeBase64((accountKey + “:” + accountKey).getBytes()); String accountKeyEnc = […]
IBM MQ8.0 – AMQ9503通道协商失败
在客户端通道(SVRCONN)启用SSL时,从Java客户端连接到IBM MQ8.0时出现问题。 在通道上禁用SSL(SSLAUTH为OPTIONAL)时,流程正常。 客户端是带有JRE1.7的java。 MQ服务器版本是IBM MQ8.0 创建自签名证书并根据MQ设置引用正确交换。 javax.net.debug = ssl选项cofirms在日志中证书交换和SSL握手成功。 但是当java客户端代码试图获取MQManager对象时,抛出MQ Exception。 com.ibm.mq.MQException: MQJE001: Completion code ‘2’, reason ‘2059’ … caused by: com.ibm.jmqi.JmqiException: CC=2;RC=2059;AMQ9204: Connection to host ‘1.2.3.4(1414)’ rejected. [1=com.ibm.jmqi.JmqiException[CC=2;RC=2059;AMQ9503: Channel negotiation failed. [3=CHANNEL.SVRCONN.SSL]],3=1.2.3.4(1414), 5=RemoteConnection.analyseSegment] … caused by: com.ibm.jmqi.JmqiException: CC=2;RC=2059;AMQ9503: Channel negotiation failed. [3=CHANNEL.SVRCONN.SSL] 我已将客户端和MQ客户端通道(SVRCONN)中的TLS_RSA_WITH_AES_256_CBC_SHA256配置为cipherspec。 尝试使用其他密码,如TLS_RSA_WITH_AES_128_CBC_SHA,错误保持不变。 MQ server error log has AMQ9665: SSL connection closed […]
错误:0c0890ba:ASN.1编码例程:asn1_check_tlen:WRONG_TAG
我正试图在我的截击请求中实现ssl支持(我也在SO中看到类似问题的答案,但它对我没有帮助) 在本文的帮助下,我将证书扩展名从.cer转换为.bks 根据这个SO答案我接下来做 mRequestQueue = Volley.newRequestQueue(this, hurlStack); private HurlStack hurlStack = new HurlStack() { @Override protected HttpURLConnection createConnection(URL url) throws IOException { HttpsURLConnection httpsURLConnection = (HttpsURLConnection) super.createConnection(url); try { httpsURLConnection.setSSLSocketFactory(getSSLSocketFactory()); httpsURLConnection.setHostnameVerifier(getHostnameVerifier()); } catch (Exception e) { AppUtils.printLog(Log.ERROR, TAG, e.getMessage()); } return httpsURLConnection; } }; private SSLSocketFactory getSSLSocketFactory() throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException { CertificateFactory […]
如何以编程方式添加自签名证书以从java代码发出HTTPS请求?
以下代码片段是从HTTP URL获取JSon响应: private static void getJson(String location) { try { try { createSSLSocket(); URL url = new URL( “https://abc.com/key/one”); HttpURLConnection conn = (HttpURLConnection) url .openConnection(); conn.setRequestMethod(“GET”); conn.setRequestProperty(“Accept”, “application/json”); if (conn.getResponseCode() != 200) { throw new RuntimeException(“Failed : HTTP error code : ” + conn.getResponseCode()); } BufferedReader br = new BufferedReader(new InputStreamReader( (conn.getInputStream()))); String output; System.out.println(“Output […]
Java服务器自签名证书+客户端证书和SSL – 连接重置
(我已经问过类似的问题了 ,事实certificate我的客户端密钥没有被加载,但我只有一个例外,所以我发布了另一个问题。) 我正在连接到成功之前使用的Web服务,但现在他们已经更改了主机名并向我发送了两个.pem文件; 一个是CA,另一个是我的新客户证书。 (我正在使用Java 1.5,Spring + Spring Web Services和Apache httpclient,但我怀疑我的问题是证书,密钥和SSL本身。) 我已经导入了两个.pem文件,以及我从Firefox导出到我的cacerts的主机.crt。 但是,由于我遇到这个exception,我显然做错了什么: org.springframework.ws.client.WebServiceIOException: I/O error: Connection reset; nested exception is java.net.SocketException: Connection reset Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:168) at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:284) at com.sun.net.ssl.internal.ssl.InputRecord.readV3Record(InputRecord.java:396) at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:348) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:720) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:619) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:502) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1973) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993) […]
拆分ssl认证处理:
我想将认证处理分为Host,Peer,Both和None两类:两者 – validation对等认证和进行主机名validation无 – 通过对等和主机名对等 – 进行对等validation但不进行主机名validation主机 – 做主机名validation但不进行对等validation(特别适用于自签名证书) 目前的实施如下: static SSLSocketFactory getSSLSocketFactory(SslValidationType validationType) throws IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { // First, create a ‘current’ KeyStore that we can provide to the SSLSocketFactory // //File capath = new File(“/system/etc/security/cacert1s.bks”); //KeyStore trustStore = KeyStore.getInstance(“jks”); KeyStore trustStore = KeyStore.getInstance(getKeystoreProperty()); if (capath.exists() == true) { FileInputStream […]
C#客户端通过SSL连接到Java服务器
作为一个团队项目,我需要从C#客户端连接到Java 6.5 SSL服务器,但是当我到达stream.AuthenticateAsClient行时,它会挂起。 C#连接代码 public static void connect(string server, Int32 port) { try { client = new TcpClient(server, port); stream = new SslStream(client.GetStream(), false); stream.AuthenticateAsClient(“MyCNfield”); … … 如果我连接到像https://mail.google.com这样的东西并将MyCNfield设置为mail.google.com ,它可以正常工作,所以我认为它是Java方面。 Java Init部分是: public void initSSL() throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException { char[] passphrase = “scared”.toCharArray(); System.out.println(java.security.KeyStore.getDefaultType()); boolean handshakedone=false; KeyStore keystore1 = KeyStore.getInstance(“jks”); FileInputStream fis […]
Java和C#应用程序之间的SSL通信
我的目标是在Java服务器和用C#编写的客户端之间建立安全通信。 java服务器代码: System.setProperty(“javax.net.ssl.keyStore”,”cert/mySrvKeystore”); System.setProperty(“javax.net.ssl.keyStorePassword”,”myPassword”); SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket sslserversocket = = (SSLServerSocket) sslserversocketfactory.createServerSocket(2389); while(true) { System.err.println(“server w8 new connection”); try { SSLSocket sslsocket = (SSLSocket) sslserversocket.accept(); //sslsocket.startHandshake(); in = sslsocket.getInputStream(); out = sslsocket.getOutputStream(); out.flush(); String response = new String(receiveMessage()); while (response != “end”) { System.out.println(“Server recv=”+response); response = new String(receiveMessage()); sendMessage((“echo=”+response).getBytes()); } } […]
以编程方式在Java中添加受信任的证书
我使用SSL在用Java编写的两个组件之间进行通信。 我不能使用CA,所以我必须自我签名。 不幸的是,这意味着当我尝试握手时,我得到一个SunCertPathBuilderException。 我可以创建我自己的X509TrustManager,它只信任所有东西,但这种方式违背了签署证书的目的。 我想,在第一次建立连接时,提示用户“使用无效证书进行SSL握手。将证书添加到商店?” 或者某些东西,所以他们可以将它们添加到他们的证书商店,就像Web浏览器在具有无效证书的站点那样。 我可以在网上找到很多通过命令行向商店添加证书的例子,但我无法弄清楚如何以编程方式进行。 有没有办法做到这一点?
generateCertificate()时的CertificateException
我正在开发我的Android应用程序。 我试图从我的证书文件流生成X509Certificate实例,但获取CertificateException ,这是我的简单代码: import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; … public class CertMgr { //my certification file ‘mycert.p12’ located in my app internal storage File certFile = GET_CERT(); X509Certificate cert = null; try { FileInputStream fis = new FileInputStream(certFile); BufferedInputStream bis = new BufferedInputStream(fis); CertificateFactory cf = CertificateFactory.getInstance(“X.509”); if(bis.available() > 0){ //I got CertificateException here, […]
