Step 1 - Basics
Create a file called SSLConnect.java like the following:
```java
import java.net.*;
import java.io.*;
import java.security.*;
import java.util.*;
import ice.ssl.*;
import ice.util.Defs;
import ice.cert.*;

public class SSLConnect {
    Socket sslconn;
    InputStream in;
    OutputStream out;
    private final static String TRUSTED_CA_FILE_NAME = "cacerts.crt";

    SSLConnect(String host, int port) {
        ice.ssl.CertificateManager cm = new ice.ssl.CertificateManager();
        ice.ssl.CertificateManager.setCertificateManager(cm);

        // Install the list of trusted certificate authorities.
        try {
            java.io.InputStream in = this.getClass()
                    .getResourceAsStream(TRUSTED_CA_FILE_NAME);
            cm.setCAList(ServerCertificateList.restoreListFromPEM(in));
            in.close();
        } catch (Exception ex) {
            System.err.println("Could not load root certificates");
        }

        // Make an SSL connection
        try {
            sslconn = new ice.ssl.SSLSocket(host, port);
            in = sslconn.getInputStream();
            out = sslconn.getOutputStream();
            // HTTP header lines are terminated by CRLF
            String header = "GET / HTTP/1.0\r\nConnection: close\r\n\r\n";
            out.write(header.getBytes());
        } catch (UnknownHostException ex) {
            System.err.println("No such host");
            ex.printStackTrace();
            return; // no connection, so there is nothing to read
        } catch (IOException ex) {
            System.err.println("Could not connect");
            ex.printStackTrace();
            return; // no connection, so there is nothing to read
        }

        // Write response from server to screen
        // (until connection closed)
        byte[] buffer = new byte[80];
        try {
            int numbytes = in.read(buffer);
            while (numbytes != -1) {
                System.out.print(new String(buffer, 0, numbytes));
                numbytes = in.read(buffer);
            }
        } catch (IOException ex) {
            System.err.println("Could not receive data");
        }
    }

    public static void main(String[] args) {
        String host = args[0];
        int port = (new Integer(args[1])).intValue();
        SSLConnect sslwin = new SSLConnect(host, port);
    }
}
```

The ICEssl implementation of the SSL protocol is in the package ice.ssl, so this package must be imported. In addition, java.net.* is imported because network facilities are used, and java.io.* for printing out messages. This simple example does not use any GUI libraries.
The main method is the following:
```java
public static void main(String[] args) {
    String host = args[0];
    int port = (new Integer(args[1])).intValue();
    SSLConnect sslwin = new SSLConnect(host, port);
}
```

This method parses the command line and creates an SSLConnect object that connects to a specific port on a host. All the functionality of this simple example takes place in the SSLConnect constructor.
In SSL it is mandatory for the server to authenticate itself. During this process the server sends a certificate and a digital signature that the client must verify. This is the main purpose of the certificate manager. Before an SSL connection can take place, a certificate manager must be installed with a list of trusted root certificates from the CAs you trust. In the example directory, the file cacerts.crt contains a number of PEM-encoded X.509 certificates from the most common CAs.
First you install the certificate manager:
```java
ice.ssl.CertificateManager cm = new ice.ssl.CertificateManager();
ice.ssl.CertificateManager.setCertificateManager(cm);
```

Then add a list of server-side certificates to the CertificateManager:
```java
try {
    java.io.InputStream in = this.getClass()
            .getResourceAsStream(TRUSTED_CA_FILE_NAME);
    cm.setCAList(ServerCertificateList.restoreListFromPEM(in));
    in.close();
} catch (Exception ex) {
    System.err.println("Could not load root certificates");
}
```

The SSLSocket class is a subclass of the java.net.Socket class, so connecting to a server and communicating over an SSLSocket is done in the same way as with a java.net.Socket. The rest of the example code connects to a server, sends an HTTP request for the root of a Web server, and prints the response from the server to the console.
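Every server certificate is checked against the roots in cacerts.crt, so it is worth inspecting that bundle before installing it. The following is an added example, not part of the ICEssl documentation: it uses only the standard java.security.cert classes rather than the ICEssl API, and the class name AuditCaBundle, the command-line path argument and the 2048-bit RSA threshold are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.*;
import java.security.interfaces.RSAPublicKey;
import java.util.*;

// Added example: audits a PEM bundle of trusted roots before it is installed.
public class AuditCaBundle {
    // Returns the reasons a root deserves review; an empty list means none found.
    static List<String> findings(X509Certificate cert, Date now) {
        List<String> out = new ArrayList<>();
        if (now.after(cert.getNotAfter())) out.add("expired " + cert.getNotAfter());
        if (now.before(cert.getNotBefore())) out.add("not yet valid");
        // -1 means no CA basic constraint; old X.509 v1 roots also report -1.
        if (cert.getBasicConstraints() < 0) out.add("no CA basic constraint");
        if (cert.getPublicKey() instanceof RSAPublicKey) {
            int bits = ((RSAPublicKey) cert.getPublicKey()).getModulus().bitLength();
            if (bits < 2048) out.add("RSA key only " + bits + " bits");
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Assumption: bundle path as first argument; default is the page's file name.
        String path = args.length > 0 ? args[0] : "cacerts.crt";
        Collection<? extends Certificate> certs;
        try (InputStream in = new FileInputStream(path)) {
            certs = CertificateFactory.getInstance("X.509").generateCertificates(in);
        } catch (CertificateException ex) {
            // Fail closed: a bundle that does not parse must not be trusted.
            System.err.println("Bundle is not valid PEM/X.509: " + ex.getMessage());
            System.exit(2);
            return;
        }
        Date now = new Date();
        int flagged = 0;
        for (Certificate c : certs) {
            X509Certificate x = (X509Certificate) c;
            List<String> f = findings(x, now);
            if (!f.isEmpty()) flagged++;
            System.out.println((f.isEmpty() ? "OK     " : "REVIEW ")
                    + x.getSubjectX500Principal().getName() + (f.isEmpty() ? "" : "  " + f));
        }
        System.out.println(certs.size() + " roots, " + flagged + " to review");
        // An empty bundle is treated as a failure as well.
        System.exit(flagged == 0 && !certs.isEmpty() ? 0 : 1);
    }
}
```

Run it as `java AuditCaBundle cacerts.crt`; a non-zero exit status means the bundle failed to parse, was empty, or contains roots to review.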
Copyright 2005. ICEsoft Technologies, Inc. http://www.icesoft.com