Problem setting up an SSL server in Java
A script for setting up an SSL server in Java:
pushd %CD%
cd /d %~dp0
REM 1.Create key and certificate:
keytool -genkeypair -v -alias zhaohw7 -dname "cn=kortide.server, ou=Kortide, o=Kortide Cor, c=CHA, l=shanghai" -validity 365 -keypass 1234567 -keystore ..\data\server.keystore -storepass 1234567 -storetype BKS -providername "BC"
REM 2.Check the certificate:
keytool -list -keystore ..\data\server.keystore -storepass 1234567 -storetype BKS
REM 3.Export it to a file as a certificate(serverCertificate.cer) and give the client to use it:
keytool -export -keystore ..\data\server.keystore -storepass 1234567 -storetype BKS -file ..\data\server.cer -alias zhaohw7
REM (optional)open the certificate(server.cer)
keytool -printcert -file ..\data\server.cer
REM ***.create a Server side policy file:
REM file name: ssl.policy
REM grant {
REM permission java.security.AllPermission;
REM }
REM @echo off
REM if not exist .\ssl.policy (
REM echo.grant {>ssl.policy
REM echo. permission java.security.AllPermission;>>ssl.policy
REM echo }>>ssl.policy
REM )
REM 4.server VM to do:
REM 1) Import the digital certificate to keystore base, and trust it;
REM 2) Use same keystore base as server side.
REM keytool -import -file ..\data\server.cer -alias alias-1 -storepass 1234567 -storetype BKS
REM 5.Compile and Run SSLNetworkServer
javac -d ..\bin\ ..\src\AndroidSSLServer2.java
java -classpath ..\bin\ -Djava.security.policy=..\data\ssl.policy -Djavax.net.ssl.trustStore=..\data\server.keystore AndroidSSLServer2
popd
pause
When execution reaches the final statement:
java -classpath ..\bin\ -Djava.security.policy=..\data\ssl.policy -Djavax.net.ssl.trustStore=..\data\server.keystore AndroidSSLServer2
the following error occurs:
java.security.KeyStoreException: BKS not found
at java.security.KeyStore.getInstance(Unknown Source)
at AndroidSSLServer2.startServer(AndroidSSLServer2.java:222)
at AndroidSSLServer2.main(AndroidSSLServer2.java:89)
Caused by: java.security.NoSuchAlgorithmException: BKS KeyStore not available
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
... 3 more
Server started at port: 6666
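At first I thought it was because the password had not been supplied (server.keystore is protected by the password 1234567 in the earlier statements), but after adding "-Djavax.net.ssl.trustStorePassword=1234567" the same error still occurs.
Could anyone please help?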
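The stack trace above fails inside KeyStore.getInstance, which is the lookup of the keystore type among the JVM's registered security providers and happens before any store password is read. The following diagnostic is an added example, not part of the original post; the class name KeyStoreTypeCheck is hypothetical. It reports which registered providers offer a given keystore type.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.List;

// Added diagnostic; KeyStoreTypeCheck is a hypothetical class name.
public class KeyStoreTypeCheck {

    // Names of the registered providers that implement the given keystore type.
    static List<String> providersFor(String type) {
        List<String> names = new ArrayList<>();
        for (Provider p : Security.getProviders()) {
            if (p.getService("KeyStore", type) != null) {
                names.add(p.getName());
            }
        }
        return names;
    }

    public static void main(String[] args) {
        // Keystore type to look for; defaults to the type used in the script.
        String type = args.length > 0 ? args[0] : "BKS";

        System.out.println("Default keystore type : " + KeyStore.getDefaultType());
        // JSSE opens javax.net.ssl.trustStore with this type; when the
        // property is unset it uses KeyStore.getDefaultType().
        System.out.println("javax.net.ssl.trustStoreType : "
                + System.getProperty("javax.net.ssl.trustStoreType", "(unset)"));

        List<String> providers = providersFor(type);
        System.out.println("Providers offering KeyStore." + type + " : "
                + (providers.isEmpty() ? "none" : providers));

        try {
            KeyStore ks = KeyStore.getInstance(type);
            System.out.println("KeyStore.getInstance(\"" + type + "\") served by "
                    + ks.getProvider().getName());
        } catch (KeyStoreException e) {
            // Same exception as in the post: no registered provider has this type.
            System.out.println("KeyStore.getInstance(\"" + type + "\") failed: "
                    + e.getMessage());
        }
    }
}
```

Run it with the same java executable and -classpath as AndroidSSLServer2 so that it sees the same provider configuration as the server.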