日期:2014-05-16  浏览次数:20742 次

apache mina ssl配置
文章转自:Apache Mina – SSL Configuration

MINA SSL 设置:
Introduction
Quite some time back, I had wrote an article to create a simple client/server application using Apache Mina 2.0.x. In that article the transaction between the client and server is unsecured.  In order to make a secured transaction between the client and the server, SSL should be configured. In this article, Let us see how to configure Secured Socket Layer(SSL) for a sample Client/Server application using 3 easy steps,

1.Generate SSLContext
2.Server part
3.Client part
Step 1 – Generate SSLContext
SSLContext is a factory for secure socket or SSLEngine. For the sample application, A class named “SSLGenerator” is used to generate the SSLContext. To make a secured transaction, Two types of key files are needed they are “Keystore” and “Truststore” file. The Creation of these two files has been explained in the article “Step by step tutorial to create Keystore and Truststore file “. The factory classes used in the SSLContextGenerator class is,

KeyStoreFactory - This factory class is used to create and configures a new Keystore instance.

SSLContextFactory - This factory class is used to create and configures a new SSLContext.

SSLContextGenerator.java

view sourceprint?
01 package com.sample.ssl; 

02   

03 import java.io.File; 

04 import java.security.KeyStore; 

05 import javax.net.ssl.SSLContext; 

06 import org.apache.mina.filter.ssl.KeyStoreFactory; 

07 import org.apache.mina.filter.ssl.SslContextFactory; 

08   

09 /** 

10 * @author giftsam 

11 */

12 public class SSLContextGenerator 

13 { 

14 public SSLContext getSslContext() 

15 { 

16 SSLContext sslContext = null; 

17 try 

18 { 

19 File keyStoreFile = new File("/home/giftsam/Desktop/certificates/keystore"); 

20 File trustStoreFile = new File("/home/giftsam/Desktop/certificates/truststore"); 

21   

22 if (keyStoreFile.exists() && trustStoreFile.exists()) 

23 { 

24 final KeyStoreFactory keyStoreFactory = new KeyStoreFactory(); 

25 System.out.println("Url is: " + keyStoreFile.getAbsolutePath()); 

26 keyStoreFactory.setDataFile(keyStoreFile); 

27 keyStoreFactory.setPassword("techbrainwave"); 

28   

29 final KeyStoreFactory trustStoreFactory = new KeyStoreFactory(); 

30 trustStoreFactory.setDataFile(trustStoreFile); 

31 trustStoreFactory.setPassword("techbrainwave"); 

32   

33 final SslContextFactory sslContextFactory = new SslContextFactory(); 

34 final KeyStore keyStore = keyStoreFactory.newInstance(); 

35 sslContextFactory.setKeyManagerFactoryKeyStore(keyStore); 

36   

37 final KeyStore trustStore = trustStoreFactory.newInstance(); 

38 sslContextFactory.setTrustManagerFactoryKeyStore(trustStore); 

39 sslContextFactory.setKeyManagerFactoryKeyStorePassword("techbrainwave"); 

40 sslContext = sslContextFactory.newInstance(); 

41 System.out.println("SSL provider is: " + sslContext.getProvider()); 

42 } 

43 else 

44 { 

45 System.out.println("Keystore or Truststore file does not exist"); 

46 } 

47 } 

48 catch (Exception ex) 

49 {