JDK Tutorials - Herong's Tutorial Examples - Version 6.02, by Dr. Herong Yang
Test Server Program for Client Authentication
This section provides a tutorial example on how to write a test program as the SSL socket communication server with both server and client authentications.
To perform both server and client authentications, I have revised my sample program SslReverseEchoer.java:
/* SslReverseEchoerRevised.java - Copyright (c) 2014, HerongYang.com, All Rights Reserved. */ import java.io.*; import java.net.*; import java.security.*; import javax.net.ssl.*; public class SslReverseEchoerRevised { public static void main(String[] args) { if (args.length<3) { System.out.println("Usage:"); System.out.println( " java SslReverseEchoerRevised ksName ksPass ctPass"); return; } String ksName = args[0]; char[] ksPass = args[1].toCharArray(); char[] ctPass = args[2].toCharArray(); System.setProperty("javax.net.ssl.trustStore", args[0]); System.setProperty("javax.net.ssl.trustStorePassword", args[1]); try { KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(ksName), ksPass); KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, ctPass); SSLContext sc = SSLContext.getInstance("SSL"); sc.init(kmf.getKeyManagers(), null, null); SSLServerSocketFactory ssf = sc.getServerSocketFactory(); SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(8888); s.setNeedClientAuth(true); printServerSocketInfo(s); SSLSocket c = (SSLSocket) s.accept(); printSocketInfo(c); BufferedWriter w = new BufferedWriter(new OutputStreamWriter( c.getOutputStream())); BufferedReader r = new BufferedReader(new InputStreamReader( c.getInputStream())); String m = "Welcome to SSL Reverse Echo Server."+ " Please type in some words."; w.write(m,0,m.length()); w.newLine(); w.flush(); while ((m=r.readLine())!= null) { if (m.equals(".")) break; char[] a = m.toCharArray(); int n = a.length; for (int i=0; i<n/2; i++) { char t = a[i]; a[i] = a[n-1-i]; a[n-i-1] = t; } w.write(a,0,n); w.newLine(); w.flush(); } w.close(); r.close(); c.close(); s.close(); } catch (Exception e) { System.err.println(e.toString()); } } private static void printSocketInfo(SSLSocket s) { System.out.println("Socket class: "+s.getClass()); System.out.println(" Remote address = " +s.getInetAddress().toString()); System.out.println(" Remote port = "+s.getPort()); System.out.println(" Local socket address = " +s.getLocalSocketAddress().toString()); System.out.println(" Local address = " +s.getLocalAddress().toString()); System.out.println(" Local port = "+s.getLocalPort()); System.out.println(" Need client authentication = " +s.getNeedClientAuth()); SSLSession ss = s.getSession(); try { System.out.println("Session class: "+ss.getClass()); System.out.println(" Cipher suite = " +ss.getCipherSuite()); System.out.println(" Protocol = "+ss.getProtocol()); System.out.println(" PeerPrincipal = " +ss.getPeerPrincipal().getName()); System.out.println(" LocalPrincipal = " +ss.getLocalPrincipal().getName()); } catch (Exception e) { System.err.println(e.toString()); } } private static void printServerSocketInfo(SSLServerSocket s) { System.out.println("Server socket class: "+s.getClass()); System.out.println(" Socket address = " +s.getInetAddress().toString()); System.out.println(" Socket port = " +s.getLocalPort()); System.out.println(" Need client authentication = " +s.getNeedClientAuth()); System.out.println(" Want client authentication = " +s.getWantClientAuth()); System.out.println(" Use client mode = " +s.getUseClientMode()); } }
The changes are minor:
Last update: 2014.
Table of Contents
Downloading and Installing JDK 1.8.0 on Windows
Downloading and Installing JDK 1.7.0 on Windows
Downloading and Installing JDK 1.6.2 on Windows
Date, Time and Calendar Classes
Date and Time Object and String Conversion
Number Object and Numeric String Conversion
Locales, Localization Methods and Resource Bundles
Calling and Importing Classes Defined in Unnamed Packages
HashSet, Vector, HashMap and Collection Classes
Character Set Encoding Classes and Methods
Encoding Conversion Programs for Encoded Text Files
Datagram Network Communication
DOM (Document Object Model) - API for XML Files
DTD (Document Type Definition) - XML Validation
XSD (XML Schema Definition) - XML Validation
XSL (Extensible Stylesheet Language)
Message Digest Algorithm Implementations in JDK
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Digital Signature Algorithm and Sample Program
"keytool" Commands and "keystore" Files
KeyStore and Certificate Classes
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
The SSL (Secure Socket Layer) Protocol
SSL Socket Communication Testing Programs
What Is SSL Client Authentication?
Preparing Certificates for Client Authentication
►Test Server Program for Client Authentication
Test Client Program for Client Authentication
SSL Client Authentication Test Result