java - 基于SSLSockets Java应用程序的身份验证

我正在开发Java应用程序，我需要通过安全套接字将几个字符串（用户名和密码）发送到服务器，我必须使用由受信任的CA生成的我自己的证书，但出现异常

服务器

class LoginServer {

  private static final String CORRECT_USER_NAME = "Java";

  private static final String CORRECT_PASSWORD = "HowToProgram";

  private SSLServerSocket serverSocket;

  public LoginServer() throws Exception {
    SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) SSLServerSocketFactory
        .getDefault();
    serverSocket = (SSLServerSocket) socketFactory.createServerSocket(7070);

  }

  private void runServer() {
    while (true) {
      try {
        System.err.println("Waiting for connection...");
        SSLSocket socket = (SSLSocket) serverSocket.accept();
        BufferedReader input = new BufferedReader(new InputStreamReader(socket.getInputStream()));
        PrintWriter output = new PrintWriter(new OutputStreamWriter(socket.getOutputStream()));
        String userName = input.readLine();
        String password = input.readLine();

        if (userName.equals(CORRECT_USER_NAME) && password.equals(CORRECT_PASSWORD)) {
          output.println("Welcome, " + userName);
        } else {
          output.println("Login Failed.");
        }
        output.close();
        input.close();
        socket.close();

      } catch (IOException ioException) {
        ioException.printStackTrace();
      }
    }
  }

  public static void main(String args[]) throws Exception {
    LoginServer server = new LoginServer();
    server.runServer();
  }
}

客户

class LoginClient {
  public LoginClient() {
    try {
      SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
      SSLSocket socket = (SSLSocket) socketFactory.createSocket("localhost", 7070);
      PrintWriter output = new PrintWriter(new OutputStreamWriter(socket.getOutputStream()));
      String userName = "MyName";
      output.println(userName);
      String password = "MyPass";
      output.println(password);
      output.flush();
      BufferedReader input = new BufferedReader(new InputStreamReader(socket.getInputStream()));
      String response = input.readLine();
      System.out.println(response);

      output.close();
      input.close();
      socket.close();
    } catch (IOException ioException) {
      ioException.printStackTrace();
    } finally {
      System.exit(0);
    }
  }

  public static void main(String args[]) {
    new LoginClient();
  }
}

这是输出窗口中的结果：

javax.net.ssl.SSLHandshakeException: no cipher suites in common
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:266)
    at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:894)
    at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:622)
    at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:167)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
    at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
    at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325)
    at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177)
    at java.io.InputStreamReader.read(InputStreamReader.java:184)
    at java.io.BufferedReader.fill(BufferedReader.java:154)
    at java.io.BufferedReader.readLine(BufferedReader.java:317)
    at java.io.BufferedReader.readLine(BufferedReader.java:382)
    at zzzz.LoginServer.runServer(LoginServer.java:35)
    at zzzz.LoginServer.main(LoginServer.java:55)

我希望你能帮助我。

非常感谢

最佳答案

除非您没有向我们展示更多代码，否则我看不到这是怎么可能的，即，调用setEnabledCipherSuites（）。去掉它。

我也看不出为什么必须使用SSL或登录到在同一主机上运行的服务器。