Java TLS#
Eine bestehende Socket-Verbindung auf SSL umstellen.
Lösung: STARTTLS senden.
Nur muss man den Socket (von Plain auf SSL umstellen)
// ich erlaube mal einfach alles
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}
};
SSLContext sc;
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
SSLSocketFactory factory = sc.getSocketFactory();
SSLSocket cmdSocket = (SSLSocket) factory.createSocket(gw, server, 25, false);
System.out.println("Enabling all available cipher suites...");
String[] suites = cmdSocket.getSupportedCipherSuites();
cmdSocket.setEnabledCipherSuites(suites);
System.out.println("Registering a handshake listener...");
cmdSocket.addHandshakeCompletedListener(new HandshakeCompletedListener() {
@Override
public void handshakeCompleted(HandshakeCompletedEvent e) {
System.out.println("ALL IS DONE GA");
System.out.println("Using cipher suite: " + e.getCipherSuite());
}
});
cmdSocket.startHandshake();
Links#
- http://juliusdavies.ca/commons-ssl/ssl.html
- http://www.java2s.com/Code/JavaAPI/javax.net.ssl/SSLSocketstartHandshake.htm
- http://qmail.jms1.net/test-auth.shtml
- Erläuterungen zu Certificate-Dateiformaten
- JavaMail enthält auch noch ein paar Tips zum Umgang mit Zertifikaten in Java
Add new attachment
Only authorized users are allowed to upload new attachments.