SSL Verbindung
Added by Heslacher 4 months ago
Hallo,
ich bin gerade in den letzten Zügen der Fertigstellung meines Projektes. Nun hat sich allerdings doch noch ein Problem aufgetan, bei dem ich nicht so genau weiß wie ich es lösen kann/soll.
Folgende Ausgangssituation:
Dem Kunde wird auf einem Webserver ein JavaFX Applet zur Verfügung gestellt. Dieses Applet verbindet sich mit einem Server mittels Simon ( Version 1.1.0 ).
Soweit so gut, das funktioniert auch alles.
Dies soll nun aber auch mittels SSL funktionieren. Auf der Serverseite habe ich damit auch kein Problem, aber auf der Client Seite. Der Client hat ja (im Normalfall )kein keystore file.
Nun die Frage:
Wie kann ich eine SSL Verbindung zum Simon Server erstellen, ohne dass ein keystore file existiert ?
Replies (11)
RE: SSL Verbindung - Added by achristian 4 months ago
In dem Fall musst du selbst eine SslContextFactory implementieren und schauen dass du das Zertifikat anderswie reinbekommst. Kannst ja hier ein wenig spicken: http://dev.root1.de/projects/simon/repository/entry/trunk/src/main/java/de/root1/simon/ssl/DefaultSslContextFactory.java
RE: SSL Verbindung - Added by Heslacher 4 months ago
Da habe ich selbstverständlich schon gespickt ;-)
Die Frage ist ja genau, wie bekomme ich das Zertifikat in den Keystore, bzw. wenn es ein Zertifikat von einer Certificate Authority muss dieses dann auch in den Keystore oder wie geht man damit um.
Wenn ich eine FTPS verbindung aufbaue und das Zertifikat von einer Certificate Authority kommt, dann muss ich das Zertifikat ja auch nicht erst importieren.
RE: SSL Verbindung - Added by achristian 4 months ago
Bin nicht wirklich der SSL Experte. Aber alles was MINA (die verwendete Netzwerk-Library) benötigt, ist ein passender "SSLContext". Bin mir fast sicher, dass man den auch ohne KeyStore erzeugen kann. Wird mit sicherheit aufwendiger sein, aber möglich sollte es doch sein.
Hab selbst google diesbezüglich noch nicht gefragt. Aber ich werde google gleich mal mit "How to create SSLContext without keystore" füttern.
- Alex
RE: SSL Verbindung - Added by achristian 4 months ago
Was mir gerade so noch einfällt, aber ein wenig "quick'n'dirty" wirkt:
Du kannst den Keystore auch als File zu deinen Packages legen, und den FileInputStream dann nicht vom FileSystem, sondern mit getClass.getResourceAsStream(...) holen.
SSL scheint ein recht komplexes Thema zu sein wenn um Java geht...
Einfach zu lesende Doku gibts hierzu irgendwie recht wenig bis gar nicht.
- Alex
RE: SSL Verbindung - Added by Heslacher 4 months ago
Das bezüglich der Doku ist mir leider auch schon aufgefallen :-(
Ich muss jetzt leider nach Hause, sonst bekomm ich Ärger mit Frau und Kind. Ich schaue heute Abend nochmal rein.
RE: SSL Verbindung - Added by achristian 4 months ago
Das könnte dir weiter helfen: http://www.mombu.com/programming/java/t-ssl-for-java-without-keystores-1366416.html
RE: SSL Verbindung - Added by Heslacher 4 months ago
Hallo Alex,
diesen Link hatte ich auch kurz vorher gefunden, das schien mir aber nicht ganz zu passen.
Allerdings habe ich in der Zwischenzeit auch etwas ausgearbeitet und will Dich natürlich an meinem geistigen Erguß teilhaben lassen ;-)
Allerdings ist dies mit Simon noch ungetestet.
Klasse SpecialSslContextFactory
1import java.io.FileInputStream;
2import java.io.IOException;
3
4import java.security.KeyManagementException;
5import java.security.KeyStore;
6import java.security.KeyStoreException;
7import java.security.NoSuchAlgorithmException;
8import java.security.SecureRandom;
9import java.security.UnrecoverableKeyException;
10import java.security.cert.CertificateException;
11
12import java.util.logging.Level;
13import java.util.logging.Logger;
14
15import javax.net.ssl.KeyManager;
16import javax.net.ssl.KeyManagerFactory;
17import javax.net.ssl.SSLContext;
18import javax.net.ssl.TrustManager;
19import javax.net.ssl.X509TrustManager;
20
21/**
22 *
23 * @author inFLOWmation
24 */
25public class SpecialSslContextFactory implements SslContextFactory {
26
27 private SSLContext sslcontext = null;
28
29 public SpecialSslContextFactory()
30 throws NoSuchAlgorithmException, KeyManagementException {
31
32 initilizeSSLContext((KeyManager[]) null, null, null);
33
34 }
35
36 public SpecialSslContextFactory(KeyStore keyStore, String keyStorePass)
37 throws NoSuchAlgorithmException, KeyManagementException {
38
39 X509TrustManager customX509TrustManager = new CustomX509TrustManager(keyStore);
40 initilizeSSLContext(getKeyManagerFactory(keyStore, keyStorePass), new TrustManager[]{customX509TrustManager}, null);
41
42 }
43
44 public SpecialSslContextFactory(String pathToKeystore, String keyStorePass)
45 throws NoSuchAlgorithmException, KeyManagementException {
46
47 KeyStore keyStore = getKeyStore(pathToKeystore, keyStorePass);
48
49 X509TrustManager customX509TrustManager = new CustomX509TrustManager(keyStore);
50
51 initilizeSSLContext(getKeyManagerFactory(keyStore, keyStorePass), new TrustManager[]{customX509TrustManager}, null);
52
53 }
54
55 public SpecialSslContextFactory(String nameOfTheRessource)
56 throws NoSuchAlgorithmException, KeyManagementException {
57
58 X509TrustManager customX509TrustManager = new CustomX509TrustManager(nameOfTheRessource);
59 initilizeSSLContext(new TrustManager[]{customX509TrustManager});
60
61 }
62
63 private void initilizeSSLContext(TrustManager[] trustManagers)
64 throws NoSuchAlgorithmException, KeyManagementException {
65
66 initilizeSSLContext((KeyManager[]) null, trustManagers, null);
67
68 }
69
70 private void initilizeSSLContext(KeyManagerFactory keyManagerFactory,
71 TrustManager[] trustManagers, SecureRandom secureRandom)
72 throws NoSuchAlgorithmException, KeyManagementException {
73
74 initilizeSSLContext(keyManagerFactory.getKeyManagers(), trustManagers, secureRandom);
75
76 }
77
78 private void initilizeSSLContext(KeyManager[] keyManagers,
79 TrustManager[] trustManagers, SecureRandom secureRandom)
80 throws NoSuchAlgorithmException, KeyManagementException {
81
82 sslcontext = SSLContext.getInstance("TLS");
83 sslcontext.init(keyManagers, trustManagers, secureRandom);
84
85 }
86
87 private KeyStore getKeyStore(String keyStorePath, String keyStorePass) {
88 KeyStore RV = null;
89 try {
90 RV = KeyStore.getInstance(KeyStore.getDefaultType());
91 RV.load(new FileInputStream(keyStorePath), keyStorePass.toCharArray());
92 } catch (IOException ex) {
93 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
94 } catch (NoSuchAlgorithmException ex) {
95 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
96 } catch (CertificateException ex) {
97 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
98 } catch (KeyStoreException ex) {
99 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
100 }
101 return RV;
102 }
103
104 private KeyManagerFactory getKeyManagerFactory(KeyStore keyStore,
105 String keyStorePass) {
106
107 KeyManagerFactory RV = null;
108
109 if (keyStore != null && keyStorePass != null) {
110
111 try {
112 RV = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
113 RV.init(keyStore, keyStorePass.toCharArray());
114 } catch (KeyStoreException ex) {
115 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
116 } catch (UnrecoverableKeyException ex) {
117 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
118 } catch (NoSuchAlgorithmException ex) {
119 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
120 }
121
122 }
123
124 return RV;
125 }
126
127 public SSLContext getSslContext() {
128 return sslcontext;
129 }
130}
Klasse CustomX509TrustManager
1import java.io.IOException;
2import java.io.InputStream;
3
4import java.util.Arrays;
5import java.util.logging.Level;
6import java.util.logging.Logger;
7
8import javax.net.ssl.TrustManager;
9import javax.net.ssl.TrustManagerFactory;
10import javax.net.ssl.X509TrustManager;
11
12import java.security.NoSuchAlgorithmException;
13import java.security.KeyStore;
14import java.security.KeyStoreException;
15import java.security.cert.CertificateException;
16import java.security.cert.X509Certificate;
17
18public class CustomX509TrustManager implements X509TrustManager {
19
20 private byte[] referenceCertificateByteArray = null;
21 private X509TrustManager defaultTrustManager = null;
22
23 public CustomX509TrustManager(String nameOfTheRessource) {
24 this();
25 try {
26 InitReferenceCertificateByteArray(nameOfTheRessource);
27 } catch (IOException ex) {
28 Logger.getLogger(CustomX509TrustManager.class.getName()).log(Level.SEVERE, null, ex);
29 }
30 }
31
32 private void InitReferenceCertificateByteArray(String nameOfTheRessource) throws IOException {
33 InputStream theInputStream = this.getClass().getResourceAsStream(nameOfTheRessource);
34 try {
35 referenceCertificateByteArray = new byte[theInputStream.available()];
36 theInputStream.read(referenceCertificateByteArray);
37 } catch (IOException ex) {
38 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
39 } finally {
40 if (theInputStream != null) {
41 theInputStream.close();
42 }
43 }
44 }
45
46 public CustomX509TrustManager() {
47 defaultTrustManager = getDefaultTrustManager((KeyStore)null);
48 }
49 public CustomX509TrustManager(KeyStore keystore) {
50 defaultTrustManager = getDefaultTrustManager(keystore);
51 }
52 private X509TrustManager getDefaultTrustManager(KeyStore keystore) {
53
54 X509TrustManager ReturnValue = null;
55 try {
56
57 TrustManagerFactory trustmanagerfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
58
59 trustmanagerfactory.init((KeyStore) keystore);
60 TrustManager[] trustmanagers = trustmanagerfactory.getTrustManagers();
61 if (trustmanagers.length != 0) {
62 ReturnValue = (X509TrustManager) trustmanagerfactory.getTrustManagers()[0];
63 }
64
65 } catch (NoSuchAlgorithmException ex) {
66 Logger.getLogger(CustomX509TrustManager.class.getName()).log(Level.SEVERE, null, ex);
67 } catch (KeyStoreException ex) {
68 Logger.getLogger(CustomX509TrustManager.class.getName()).log(Level.SEVERE, null, ex);
69 }
70 return ReturnValue;
71 }
72
73 public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
74 }
75
76 public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
77 X509Certificate[] X509Certificates = xcs;
78 boolean Success = false;
79
80 for (X509Certificate x509certificate : X509Certificates) {
81 Success = Arrays.equals(x509certificate.getEncoded(), referenceCertificateByteArray);
82 if (Success) {
83 break;
84 }
85 }
86
87 if (!Success) {
88 this.defaultTrustManager.checkServerTrusted(xcs, string);
89 }
90
91 }
92
93 public X509Certificate[] getAcceptedIssuers() {
94 return null;
95 }
96}
Ich werde es morgen mit Simon testen und gebe Dir dann auch Bescheid, ob es erfolgreich verlaufen ist.
Gruß
Hannes
RE: SSL Verbindung - Added by achristian 4 months ago
Sieht vielversprechend aus. Kanns heute leider nicht selbst testen. Bin deshalb gespannt auf dein Test-Ergebnis.
RE: SSL Verbindung - Added by Heslacher 4 months ago
Hallo Alex,
also, es funktioniert. Ich werde diese oder nächste Woche wenn es mir zeitlich reicht die veränderten Klassen hier posten.
Gruß Hannes
RE: SSL Verbindung - Added by Heslacher 4 months ago
So, da bin ich wieder.
Zuerst einmal, was man immer beachten muss, sowohl bei meiner Lösung als auch wenn die SslContextFactory aus dem de.root1.simon.ssl Namespace/package benutzt wird:
Es muss sowohl beim Server als auch beim Client beim Import der Certifikate darauf geachtet werden, dass kein Alias außer dem default Alias mykey verwendet wird.
So und nun die zwei Klassen.
Klasse CustomX509TrustManager
1import java.io.IOException;
2import java.io.InputStream;
3
4import java.security.InvalidKeyException;
5import java.security.NoSuchProviderException;
6import java.security.SignatureException;
7
8import java.util.logging.Level;
9import java.util.logging.Logger;
10
11import javax.net.ssl.TrustManager;
12import javax.net.ssl.TrustManagerFactory;
13import javax.net.ssl.X509TrustManager;
14
15import java.security.NoSuchAlgorithmException;
16import java.security.KeyStore;
17import java.security.KeyStoreException;
18import java.security.cert.CertificateException;
19import java.security.cert.CertificateFactory;
20import java.security.cert.X509Certificate;
21
22/**
23 *
24 * @author inFLOWmation
25 */
26
27public class CustomX509TrustManager implements X509TrustManager {
28
29 private X509TrustManager defaultTrustManager = null;
30 private CertificateFactory certificatefactory = null;
31 private X509Certificate x509certificate = null;
32
33 /**
34 *
35 * @param nameOfTheRessource
36 * the name including the path of the certificate inside the jar
37 *
38 * @throws IOException
39 * -if an I/O error occurs
40 *
41 * @throws CertificateException
42 * -if the Ressource does not contain a valid DER encoded
43 * (either binary or Base64 encoded)
44 * -if the requested certificate type is not available in the default provider
45 * package or any of the other provider packages that were searched
46 */
47 public CustomX509TrustManager(String nameOfTheRessource) throws CertificateException, IOException {
48 this();
49
50 certificatefactory = CertificateFactory.getInstance("X.509");
51
52 InputStream theInputStream = this.getClass().getResourceAsStream(nameOfTheRessource);
53 x509certificate = (X509Certificate) certificatefactory.generateCertificate(theInputStream);
54
55 if (theInputStream != null) {
56 theInputStream.close();
57 }
58
59 }
60
61 /**
62 * the default Constructor indicates that a certificate by a trusted
63 * Certificate Authority is used
64 */
65 public CustomX509TrustManager() {
66 this((KeyStore) null);
67 }
68
69 /**
70 *
71 * @param keystore
72 */
73 public CustomX509TrustManager(KeyStore keystore) {
74 defaultTrustManager = getDefaultTrustManager(keystore);
75 }
76
77 private X509TrustManager getDefaultTrustManager(KeyStore keystore) {
78
79 X509TrustManager ReturnValue = null;
80
81 TrustManagerFactory trustmanagerfactory = null;
82
83 try {
84
85 trustmanagerfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
86 trustmanagerfactory.init((KeyStore) keystore);
87
88 TrustManager[] trustmanagers = trustmanagerfactory.getTrustManagers();
89
90 if (trustmanagers.length != 0) {
91 ReturnValue = (X509TrustManager) trustmanagerfactory.getTrustManagers()[0];
92 }
93
94 } catch (NoSuchAlgorithmException ex) {
95 Logger.getLogger(CustomX509TrustManager.class.getName()).log(Level.SEVERE, null, ex);
96 } catch (KeyStoreException ex) {
97 Logger.getLogger(CustomX509TrustManager.class.getName()).log(Level.SEVERE, null, ex);
98 }
99 return ReturnValue;
100 }
101
102 public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
103 }
104
105 public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
106
107 if ((x509certificate == null) || (!internalCheckServerTrusted(xcs))) {
108 this.defaultTrustManager.checkServerTrusted(xcs, string);
109 }
110
111 }
112
113 private Boolean internalCheckServerTrusted(X509Certificate[] xcs) {
114
115 boolean ReturnValue = false;
116
117 for (X509Certificate cert : xcs) {
118 try {
119 cert.verify(x509certificate.getPublicKey());
120 ReturnValue = true;
121 break;
122 } catch (CertificateException ex) {
123 } catch (NoSuchAlgorithmException ex) {
124 } catch (InvalidKeyException ex) {
125 } catch (NoSuchProviderException ex) {
126 } catch (SignatureException ex) {
127 }
128 }
129
130 return ReturnValue;
131 }
132
133 public X509Certificate[] getAcceptedIssuers() {
134 return null;
135 }
136}
Klasse SpecialSslContextFactory
1import de.root1.simon.ssl.SslContextFactory;
2
3import java.io.FileInputStream;
4import java.io.IOException;
5
6import java.security.KeyManagementException;
7import java.security.KeyStore;
8import java.security.KeyStoreException;
9import java.security.NoSuchAlgorithmException;
10import java.security.SecureRandom;
11import java.security.UnrecoverableKeyException;
12
13import java.security.cert.CertificateException;
14
15import java.util.logging.Level;
16import java.util.logging.Logger;
17
18import javax.net.ssl.KeyManager;
19import javax.net.ssl.KeyManagerFactory;
20import javax.net.ssl.SSLContext;
21import javax.net.ssl.TrustManager;
22
23/**
24 *
25 * @author inFLOWmation
26 */
27public class SpecialSslContextFactory implements SslContextFactory {
28
29 private SSLContext sslContext = null;
30 private TrustManager[] trustManagers = null;
31 private KeyManager[] keymanagers = null;
32
33 /**
34 * assumes that the Certificate from the Server is from a
35 * trusted Certificate Authority
36 *
37 * @throws NoSuchAlgorithmException
38 * - if the specified protocol is not available in the
39 * default provider package or any of the other
40 * provider packages that were searched
41 *
42 * @throws KeyManagementException
43 * - if the initialization of the SSLContext failed
44 *
45 */
46 public SpecialSslContextFactory()
47 throws NoSuchAlgorithmException, KeyManagementException {
48
49 trustManagers = new TrustManager[]{new CustomX509TrustManager()};
50
51 initilizeSSLContext(null, trustManagers, null);
52
53 }
54
55 /**
56 *
57 * @param keyStore
58 * the Key
59 * @param keyStorePass
60 *
61 * @throws NoSuchAlgorithmException
62 * - if the specified protocol is not available in the
63 * default provider package or any of the other
64 * provider packages that were searched
65 *
66 * @throws KeyManagementException
67 * - if the initialization of the SSLContext failed
68 *
69 */
70 public SpecialSslContextFactory(KeyStore keyStore, String keyStorePass)
71 throws NoSuchAlgorithmException, KeyManagementException {
72
73 trustManagers = new TrustManager[]{new CustomX509TrustManager(keyStore)};
74
75 KeyManagerFactory keyManagerFactory = getKeyManagerFactory(keyStore, keyStorePass);
76
77 keymanagers = keyManagerFactory.getKeyManagers();
78
79 initilizeSSLContext(keymanagers, trustManagers, null);
80
81 }
82
83 /**
84 *
85 * @param pathToKeystore
86 * @param keyStorePass
87 * @throws NoSuchAlgorithmException
88 * - if the specified protocol is not available in the
89 * default provider package or any of the other
90 * provider packages that were searched
91 *
92 * @throws KeyManagementException
93 * - if the initialization of the SSLContext failed
94 *
95 */
96 public SpecialSslContextFactory(String pathToKeystore, String keyStorePass)
97 throws NoSuchAlgorithmException, KeyManagementException {
98
99 KeyStore keyStore = getKeyStore(pathToKeystore, keyStorePass);
100
101 trustManagers = new TrustManager[]{new CustomX509TrustManager(keyStore)};
102
103 KeyManagerFactory keyManagerFactory = getKeyManagerFactory(keyStore, keyStorePass);
104
105 keymanagers = keyManagerFactory.getKeyManagers();
106
107 initilizeSSLContext(keymanagers, trustManagers, null);
108
109 }
110
111 /**
112 *
113 * @param nameOfTheRessource
114 * the name including the path of the certificate inside the jar
115 *
116 * @throws NoSuchAlgorithmException
117 * - if the specified protocol is not available in the
118 * default provider package or any of the other
119 * provider packages that were searched
120 *
121 * @throws KeyManagementException
122 * - if the initialization of the SSLContext failed
123 *
124 * @throws IOException
125 * -if an I/O error occurs
126 *
127 * @throws CertificateException
128 * -if the Ressource does not contain a valid DER encoded
129 * (either binary or Base64 encoded)
130 * -if the requested certificate type is not available in the default provider
131 * package or any of the other provider packages that were searched
132 *
133 */
134 public SpecialSslContextFactory(String nameOfTheRessource)
135 throws NoSuchAlgorithmException, KeyManagementException,
136 CertificateException, IOException {
137
138 trustManagers = new TrustManager[]{new CustomX509TrustManager(nameOfTheRessource)};
139
140 initilizeSSLContext(null, trustManagers, null);
141
142 }
143
144 private void initilizeSSLContext(KeyManager[] keyManagers,
145 TrustManager[] trustManagers, SecureRandom secureRandom)
146 throws NoSuchAlgorithmException, KeyManagementException {
147
148 sslContext = SSLContext.getInstance("TLS");
149
150 sslContext.init(keyManagers, trustManagers, secureRandom);
151
152 }
153
154 private KeyStore getKeyStore(String keyStorePath, String keyStorePass) {
155
156 KeyStore RV = null;
157
158 try {
159
160 RV = KeyStore.getInstance(KeyStore.getDefaultType());
161 RV.load(new FileInputStream(keyStorePath), keyStorePass.toCharArray());
162
163 } catch (IOException ex) {
164 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
165 } catch (NoSuchAlgorithmException ex) {
166 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
167 } catch (CertificateException ex) {
168 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
169 } catch (KeyStoreException ex) {
170 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
171 }
172
173 return RV;
174
175 }
176
177 private KeyManagerFactory getKeyManagerFactory(KeyStore keyStore,
178 String keyStorePass) {
179
180 KeyManagerFactory RV = null;
181
182 if (keyStore != null && keyStorePass != null) {
183
184 try {
185 RV = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
186 RV.init(keyStore, keyStorePass.toCharArray());
187 } catch (KeyStoreException ex) {
188 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
189 } catch (UnrecoverableKeyException ex) {
190 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
191 } catch (NoSuchAlgorithmException ex) {
192 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
193 } catch (Exception ex) {
194 Logger.getLogger(SpecialSslContextFactory.class.getName()).log(Level.SEVERE, null, ex);
195 }
196
197 }
198
199 return RV;
200 }
201
202 public SSLContext getSslContext() {
203 return sslContext;
204 }
205}
So um das Beispiel vom Wiki aufzugreifen nur,dass es mindestens auf Simon 1.1.0 läuft:
Annahme: die o.g. Klassen befinden sich im gleichen Namespace/package
1
2 private static Lookup serverLookup;
3
4 public static void main(String[] args) {
5 try {
6
7 SslContextFactory sslcontextfactory = null;
8
9 // You can use either of the following ways to create the SslContextFactory
10
11 // create SslContextFactory by providing the location of the keystore in the filesystem
12 // and providing the pass of the keystore
13 sslcontextfactory = new SpecialSslContextFactory("path_to_keystore/.clientkeystore", "MyKeyStorePass");
14
15 // create SslContextFactory by providing the location of the DER encoded certificate
16 // in the Ressources of the jar
17 sslcontextfactory = new SpecialSslContextFactory("path_to_cert_in_Ressource/filename_of_cert");
18
19 // create SslContextFactory for using with certificates created by a trusted
20 // Certificate Authority
21 // This is not tested !
22 sslcontextfactory = new SpecialSslContextFactory();
23
24 serverLookup = Simon.createNameLookup("127.0.0.1", 22222);
25 serverLookup.setSslContextFactory(sslcontextfactory);
26
27 IServer server = (IServer) serverLookup.lookup("server");
28
29 // use the serverobject as it would exist on your local machine
30 server.login(clientCallbackImpl);
31 // do some more stuff
32 // ...
33
34 // and finally 'release' the serverobject to release to connection to the server
35 serverLookup.release(server);
36
37 } catch (NoSuchAlgorithmException ex) {
38 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
39 } catch (KeyManagementException ex) {
40 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
41 } catch (UnknownHostException ex) {
42 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
43 } catch (LookupFailedException ex) {
44 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
45 } catch (EstablishConnectionFailed ex) {
46 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
47 } catch (Exception ex) {
48 Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
49 }
50
51 }
(1-11/11)