使用com.sun.net.httpserver.HttpsServer-如何指定協議？

Question

我正在嘗試用Java實現HTTPS（SSL）服務器，我想利用com.sun.net.httpserver.HttpsServer。

我已經能夠將來自不同地方的一些代碼拼湊在一起，但是我希望能夠指定HTTPS服務器願意支持的協議，例如SSLv3，TLSv！等。無法弄清楚該怎么做。

我正在發布到目前為止的代碼，並且想知道是否有人可以告訴我如何添加指定協議的功能？

import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;

import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import com.sun.net.httpserver.HttpsServer;
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsParameters;

public class Test {

    static private String PROGVERSION = "V1.00";
    static private String keystoreFile = "";
    static private int listenPort = 0;

    public static void main(String[] args) throws Exception {


    System.out.println("JavaHttpsServer " + PROGVERSION);

    keystoreFile = args[0];
    listenPort = Integer.parseInt(args[1]);
    System.out.println("keystoreFile=[" + keystoreFile + "]");
    System.out.println("listenPort=[" + listenPort + "]");


    SSLContext ssl =  SSLContext.getInstance("SSLv3");

    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); 
    KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());


    //Load the JKS file (located, in this case, at D:\keystore.jks, with password 'test'
    //store.load(new FileInputStream("C:\\Users\\Eclipse-workspaces\\Test\\keystore.jks"), "changeit".toCharArray()); 
    store.load(new FileInputStream(keystoreFile), "changeit".toCharArray()); 

    //init the key store, along with the password 'changeit'
    kmf.init(store, "changeit".toCharArray());
    KeyManager[] keyManagers = new KeyManager[1];
    keyManagers = kmf.getKeyManagers();



    // Init the trust manager factory
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

    // It will reference the same key store as the key managers
    tmf.init(store);

    TrustManager[] trustManagers = tmf.getTrustManagers();
    ssl.init(keyManagers, trustManagers, new SecureRandom());

    // Init a configuration with our SSL context
    HttpsConfigurator configurator = new HttpsConfigurator(ssl);
    //configurator.configure(hparams);

    // Create a new HTTPS Server instance, listening on port 8000
    HttpsServer server = HttpsServer.create(new InetSocketAddress(listenPort), 0);

    server.setHttpsConfigurator(configurator);

    server.createContext("/test", new MyHandler());
    server.setExecutor(null); // creates a default executor
    server.start();
    }

    static class MyHandler implements HttpHandler {
        @Override
        public void handle(HttpExchange t) throws IOException {
            String x = t.getRemoteAddress().getHostString();
            System.out.println("In handle: Request from (getHostString) = [" + x + "]");

            x = t.getRequestURI().toASCIIString();
            System.out.println("In handle: getRequestURI = [" + x + "]");

            if (x.equalsIgnoreCase("/test?stop")) {
                System.out.println("In handle: Received request to exit, so will exit now...");
                System.exit(0);
            }

            System.out.println("In handle: About to send response...");
            String response = "This is the response";
            t.sendResponseHeaders(200, response.length());
            OutputStream os = t.getResponseBody();
            os.write(response.getBytes());
            System.out.println("In handle: Finished sending response...");
            os.close();
        }
    }

}

Answer 1

我不確定我是否正確理解了這個問題，因為您的代碼已經顯示了如何設置協議。 您可以在SSLContext的getInstance（）方法中提供協議。 在您的示例中，您將使用SSLv3初始化SSLContext。 您可以使用此處描述的字符串之一： https : //docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SSLContext

要驗證服務器使用哪種協議，可以使用OpenSSL的“ s_client”命令： openssl s_client -connect localhost:8443