妳事先有沒有正確的初始化 SSLSocketFactory 和 Trust Mananger?,或在命令行加
java -Djavax.net.ssl.trustStore=mySrvKeystore -Djavax.net.ssl.trustStorePassword=123456當我們的程序需要出示證書時(比如自己當SSL服務器或要出示客戶端證書如網銀),我們還需要 Key Manager。
java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456//?用?IE?的?Root?存儲區的證書列表。在?JDK?6?時自帶?API,早期版本不支持這個,需要額外下載?API。try?{
KeyStore?ks?=?KeyStore.getInstance("Windows-ROOT",?"SunMSCAPI");
ks.load(null,?null);
for?(Enumeration?iter?=?ks.aliases();?iter.hasMoreElements();)?{
String?alias?=?(String)?iter.nextElement();
Certificate?cert?=?ks.getCertificate(alias);
System.out.println("Cert?:"?+?cert.getType()?+?"?/?"?+?cert.getPublicKey());
}
KeyManagerFactory?kmf?=?KeyManagerFactory.getInstance("SunX509");
kmf.init(ks,?null);
TrustManagerFactory?tmf?=?TrustManagerFactory.getInstance("X.509");
tmf.init(ks);
TrustManager[]?trustManagers?=?tmf.getTrustManagers();
SSLContext?sc?=?SSLContext.getInstance("TLS");
sc.init(null,?trustManagers,?null);
sc?=?SSLContext.getInstance("SSL");
sc.init(null,?trustManagers,?null);
}?catch?(Exception?e)?{
e.printStackTrace();
}