SSL - HTTPS
To test HttpsHello.java, I wrote a simple HTTPS client program,
HttpsClient.java:

    /**
     * HttpsClient.java
     * Copyright (c) 2005 by Dr. Herong Yang
     */
    import java.io.*;
    import java.net.*;
    import javax.net.ssl.*;

    public class HttpsClient {
        public static void main(String[] args) {
            PrintStream out = System.out;

            // Getting the default SSL socket factory
            SSLSocketFactory f =
                (SSLSocketFactory) SSLSocketFactory.getDefault();
            out.println("The default SSL socket factory class: "
                + f.getClass());
            try {
                // Creating an SSL socket connected to the server
                SSLSocket c =
                    (SSLSocket) f.createSocket("localhost", 8888);
                printSocketInfo(c);
                c.startHandshake();
                BufferedWriter w = new BufferedWriter(new OutputStreamWriter(
                    c.getOutputStream()));
                BufferedReader r = new BufferedReader(new InputStreamReader(
                    c.getInputStream()));

                // HTTP lines end with CRLF on every platform;
                // the empty line marks the end of the HTTP request
                w.write("GET / HTTP/1.0\r\n");
                w.write("\r\n");
                w.flush();

                // Printing the response until the server closes the connection
                String m = null;
                while ((m = r.readLine()) != null) {
                    out.println(m);
                }
                w.close();
                r.close();
                c.close();
            } catch (IOException e) {
                System.err.println(e.toString());
            }
        }

        // Printing the socket endpoints and the negotiated session parameters
        private static void printSocketInfo(SSLSocket s) {
            System.out.println("Socket class: " + s.getClass());
            System.out.println("   Remote address = "
                + s.getInetAddress().toString());
            System.out.println("   Remote port = " + s.getPort());
            System.out.println("   Local socket address = "
                + s.getLocalSocketAddress().toString());
            System.out.println("   Local address = "
                + s.getLocalAddress().toString());
            System.out.println("   Local port = " + s.getLocalPort());
            System.out.println("   Need client authentication = "
                + s.getNeedClientAuth());
            // getSession() blocks until the SSL handshake has completed
            SSLSession ss = s.getSession();
            System.out.println("   Cipher suite = " + ss.getCipherSuite());
            System.out.println("   Protocol = " + ss.getProtocol());
        }
    }

Of course, HttpsClient.java has to be run with a trust store file
that contains the server's certificate:

    >\jdk\bin\java -cp . "-Djavax.net.ssl.trustStore=public.jks"
       HttpsClient
    The default SSL socket factory class:
       class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
    Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
       Remote address = localhost/127.0.0.1
       Remote port = 8888
       Local socket address = /127.0.0.1:2408
       Local address = /127.0.0.1
       Local port = 2408
       Need client authentication = false
       Cipher suite = TLS_DHE_DSS_WITH_AES_128_CBC_SHA
       Protocol = TLSv1
    HTTP/1.0 200 OK
    Content-Type: text/html

    <html><body>Hello world!</body></html>

The result matches the expectation perfectly.
Connecting HttpsHello.java with Internet Explorer
Now let's use Internet Explorer (IE) to connect to HttpsHello.java.
First run HttpsHello.java again.

    >\jdk\bin\java -cp . HttpsHello
    Server started:
    Server socket class:
       class com.sun.net.ssl.internal.ssl.SSLServerSocketImpl
       Socker address = 0.0.0.0/0.0.0.0
       Socker port = 8888
       Need client authentication = false
       Want client authentication = false
       Use client mode = false

Then open https://localhost:8080 in IE. The browser will give a
security alert saying that you are about to enter a secure web page.
Click "OK" on the alert dialog box, and you will see that the
HttpsHello program prints more messages and ends with an exception:

    java.net.SocketException: Connection closed by remote host
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkWrite(U...
       at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unkn...
       at sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(Unknown S...
       at sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(Unkn...
       at sun.nio.cs.StreamEncoder$CharsetSE.implFlush(Unknown So...
       at sun.nio.cs.StreamEncoder.flush(Unknown Source)
       at java.io.OutputStreamWriter.flush(Unknown Source)
       at java.io.BufferedWriter.flush(Unknown Source)
       at HttpsHello.main(HttpsHello.java:42)

At the same time, IE displays another security alert saying there is
a problem with the security certificate: the issuer is not a trusted
company, and the certificate name does not match the server name.
If you click "Yes" to continue to view the page, you will
get a page-not-available error message, because HttpsHello has
already ended.
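
IE checks two things here: that the issuer is trusted and that the certificate name matches the server name. A client built on a raw SSLSocket, like HttpsClient.java, validates only the certificate chain against the trust store unless endpoint identification is switched on. The following is an added example, not part of the original tutorial, that enables the name check; the class name HttpsClientVerified is hypothetical, and the host, port and trust store are assumed to be the ones used above.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.*;

// Added example: HttpsClient with server name checking enabled.
public class HttpsClientVerified {
    public static void main(String[] args) throws IOException {
        // Assumptions: HttpsHello is listening on localhost:8888 and the
        // JVM is started with -Djavax.net.ssl.trustStore=public.jks
        String host = "localhost";
        int port = 8888;
        SSLSocketFactory f =
            (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket c = (SSLSocket) f.createSocket(host, port)) {
            // Ask JSSE to compare the certificate name with the host
            // name, the same check a browser performs for HTTPS
            SSLParameters p = c.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("HTTPS");
            c.setSSLParameters(p);
            try {
                c.startHandshake();
            } catch (SSLHandshakeException e) {
                // An untrusted issuer or a name mismatch ends up here,
                // before any HTTP data has been sent
                System.err.println("Handshake failed: " + e.getMessage());
                return;
            }
            SSLSession ss = c.getSession();
            System.out.println("Verified peer = "
                + ss.getPeerPrincipal().getName());
            System.out.println("Protocol = " + ss.getProtocol());

            Writer w = new OutputStreamWriter(
                c.getOutputStream(), StandardCharsets.US_ASCII);
            w.write("GET / HTTP/1.0\r\n\r\n");
            w.flush();
            BufferedReader r = new BufferedReader(new InputStreamReader(
                c.getInputStream(), StandardCharsets.US_ASCII));
            String m;
            while ((m = r.readLine()) != null) {
                System.out.println(m);
            }
        }
    }
}
```

If the certificate name does not match the host, as IE reported for this server, the handshake fails with an SSLHandshakeException and the request is never written.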