一、给JDK加上BouncyCaslet库

1.       把bcprov-jdk16-146.jar放到jdk1.6.xx\jre\lib\ext目录下

2.       给jdk1.6.xx\jre\lib\security目录中的java.security文件增加提供者：security.provider.n=org.bouncycastle.jce.provider.BouncyCastleProvider

n为优先级数字，顺着原来的数字往下些，可调整顺序但不可隔空跳过数字。

 

二、Server端模拟：

1.       生成server密钥

Keytool –genkey –alias serverkey –keystore kserver.keystore

 

2.       server端代码：

 

public class SSLServer {

 

    private static final int SERVER_PORT = 4444;

    private static final String SERVER_KEY_PASSWORD = "123456";

    private static final String SERVER_AGREEMENT = "TLS";// 使用协议

    private static final String SERVER_KEY_MANAGER = "SunX509";// 密钥管理器

    private static final String SERVER_KEY_KEYSTORE = "JKS";// 密库，这里用的是Java自带密库

    private static final String SERVER_KEYSTORE_PATH = "data/kserver.keystore";// 密库路径

    private SSLServerSocket serverSocket;

 

    public static void main(String[] args) {

       SSLServer server = new SSLServer();

       server.init();

       server.start();

    }

 

    // 由于该程序不是演示Socket监听，所以简单采用单线程形式，并且仅仅接受客户端的消息，并且返回客户端指定消息

    public void start() {

       if (serverSocket == null) {

           System.out.println("ERROR");

           return;

       }

      

       int i = 0;

       while (true) {

           i++;

           try {

              System.out.println("Server Side......");

              Socket s = serverSocket.accept();

              System.out.println("Server accepted --" + i + "-- times. \n");

               InputStream input = s.getInputStream();

              OutputStream output = s.getOutputStream();

 

              BufferedInputStream bis = new BufferedInputStream(input);

              BufferedOutputStream bos = new BufferedOutputStream(output);

 

              bos.write("This is Server".getBytes());

              bos.flush();

 

              s.close();

           } catch (Exception e) {

              System.out.println(e);

           }

       }

    }

 

    public void init() {

       try {

           // 取得SSLContext

           SSLContext ctx = SSLContext.getInstance(SERVER_AGREEMENT);

           // 取得SunX509私钥管理器

           KeyManagerFactory kmf = KeyManagerFactory

                  .getInstance(SERVER_KEY_MANAGER);

           // 取得JKS密库实例

           KeyStore ks = KeyStore.getInstance(SERVER_KEY_KEYSTORE);

           // 加载服务端私钥

           ks.load(new FileInputStream(SERVER_KEYSTORE_PATH),

                  SERVER_KEY_PASSWORD.toCharArray());

           // 初始化

           kmf.init(ks, SERVER_KEY_PASSWORD.toCharArray());

           // 初始化SSLContext

           ctx.init(kmf.getKeyManagers(), null, null);

           // 通过SSLContext取得ServerSocketFactory，创建ServerSocket

           serverSocket = (SSLServerSocket) ctx.getServerSocketFactory()

                  .createServerSocket(SERVER_PORT);

       } catch (Exception e) {

           System.out.println(e);

       }

    }

 

}