1. 首页
  2. 问答
  3. 收到致命警报,bad_certificate

收到致命警报,bad_certificate

2017-02-21 312 views
2

我正在尝试使SSL连接到服务器。我创建了一个Truststore并将服务器的证书以及我的信任条目导入到Keystore中。服务器人员也将我的证书导入到他们的密钥库中。但是,当我尝试连接,我得到这个错误:收到致命警报,bad_certificate

Received fatal alert: bad_certificate

在服务器上,他们获得这个错误:

javax.net.ssl.SSLHandshakeException: null cert chain

我应该怎么做来可能是做错了什么?我该如何解决这个错误?我现在一直在和这个问题长期斗争。

我的客户端代码

import java.io.*; 
import java.net.*; 
import java.security.*; 


import java.util.Enumeration; 
import javax.net.ssl.*; 

public class SSLConnect { 

public String MakeSSlCall(String meternum) { 
    String message = ""; 
    FileWriter file = null; 
    try { 
     file = new FileWriter("C:\\SSLCERT\\ClientJavalog.txt"); 

    } catch (Exception ee) { 
     message = ee.getMessage(); 

    } 
    //writer = new BufferedWriter(file); 
    try { 
     file.write("KeyStore Generated\r\n"); 
     KeyStore keystore = KeyStore.getInstance("JKS"); 
     keystore.load(new FileInputStream("C:\\SSLCERT\\newclientkeystore"), "client".toCharArray()); 
     file.write("KeyStore Generated\r\n"); 
     Enumeration enumeration = keystore.aliases(); 
     while (enumeration.hasMoreElements()) { 
      String alias = (String) enumeration.nextElement(); 
      file.write("alias name: " + alias + "\r\n"); 
      keystore.getCertificate(alias); 
      file.write(keystore.getCertificate(alias).toString() + "\r\n"); 
     } 
     TrustManagerFactory tmf =TrustManagerFactory.getInstance("SunX509"); 
     tmf.init(keystore); 
     file.write("KeyStore Stored\r\n"); 
     SSLContext context = SSLContext.getInstance("SSL"); 
     TrustManager[] trustManagers = tmf.getTrustManagers(); 
     context.init(null, trustManagers, null); 

     SSLSocketFactory f = context.getSocketFactory(); 
     file.write("About to Connect to Ontech\r\n"); 
     SSLSocket c = (SSLSocket) f.createSocket("192.168.1.16", 4447); 
     file.write("Connection Established to 196.14.30.33 Port: 8462\r\n"); 
     file.write("About to Start Handshake\r\n"); 
     c.startHandshake(); 

     file.write("Handshake Established\r\n"); 
     file.flush(); 
     file.close(); 
     return "Connection Established"; 
    } catch (Exception e) { 
     try { 
      file.write("An Error Occured\r\n"); 
      file.write(e.getMessage() + "\r\n"); 
      file.flush(); 
      file.close(); 
     } catch (Exception eee) { 
      message = eee.getMessage(); 
     } 
     return "Connection Failed"; 
    } 
} 
}

使用Keytool创建我的信任

的keytool -import -alias -file客户-keystore client.cer -storepass MyKeystore的MyStore

的keytool -import -alias命令服务器文件server.cer -keystore MyKeystore -storepass mystore

而且我还将两个证书添加到我的cacerts密钥库

来源

2017-02-21 Obafemi Tayo

+0

您应该在此处编写用于连接的代码,用于创建信任库和导入证书。顺便说一句,你确定你已经导入了你需要的服务器证书吗? – Gangnus

+0

@Gangnus我已经添加了我的代码和我的keytool命令来存储我的证书。有什么我在这里做错了吗? –

+0

我被邀请来判断你的问题可能结束。要小心,大多数没有代码的问题被认为是无用的。在你的情况下,它确实如此。我很高兴我的投票结果被你的快速版支持。我还建议标记代码失败的地方。套接字创建或握手?另外,你应该在这里放置你从异常中获得的堆栈跟踪。也许,在失败之前和之后,套接字'c'的内容。至于你的风格,我会建议使用记录器,而不是那个'文件',只是为了将来。而'c'这个名字也不太明显。 – Gangnus

回答

0

已经有一段时间了,但我不得不面对类似的问题。以下是我的工作代码:

Properties systemProps = System.getProperties(); 
    systemProps.put("javax.net.debug","ssl"); 
    systemProps.put("javax.net.ssl.trustStore","<path to trustore>"); 
    systemProps.put("javax.net.ssl.trustStorePassword","password"); 
    System.setProperties(systemProps); 

    SSLContext sslcontext; 
    KeyStore keyStore; 
    final char[] JKS_PASSWORD = "password".toCharArray(); 
    final char[] KEY_PASSWORD = "password".toCharArray(); 

    try { 
     final InputStream is = new FileInputStream("<path_to_keystore.pkcs12>"); 
     keyStore = KeyStore.getInstance("pkcs12"); 
     keyStore.load(is, JKS_PASSWORD); 
     final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); 
     kmf.init(keyStore, KEY_PASSWORD); 

     sslcontext=SSLContext.getInstance("TLS"); 
     sslcontext.init(kmf.getKeyManagers(), null, new java.security.SecureRandom()); 
    } catch (Exception ex) { 
     throw new IllegalStateException("Failure initializing default SSL context", ex); 
    } 

    SSLSocketFactory sslsocketfactory = sslcontext.getSocketFactory(); 
    DataOutputStream os = null; 

    try { 
     SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(); 
     sslsocket.connect(new InetSocketAddress(host, port), connectTimeout); 
     sslsocket.startHandshake(); 

     os = new DataOutputStream(sslsocket.getOutputStream()); 
     // log.info("Sending echo packet"); 
     String toSend = "{\"echo\":\"echo\"}"; 
     os.writeBytes(toSend); 
    } catch (UnknownHostException e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    } catch (IOException e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    } catch (InterruptedException e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    }

来源

2017-10-11 05:48:29 Tomasz

相关问题

 相关问题