问题
I want to a program to verify to create a SSL Sockets using Oracle's SSLSocket class. In my program I want the client to pass its certificate (created using Keytool). The Server should verify the certificate and then proceed with communication. I want the server to check the certificate of each client that connects to it. Suppose that all the key's (server's and client's) are stored in the Keystore. How do I implement this?
Edit:
Forgive me if I am not able to convey my question correctly. I am new to this. I'm reading this link to get some directions. Here, while reading the keystores the server has directly hard-coded the client's key file name (viz "client.public"). However, in my program this will be specified by the client as the server can't know beforehand what the client's public key file name would be.
回答1:
You've just described exactly what already happens behind the scenes. All you have to do is create an SSLServerSocket and set needClientAuth to true, and start accepting connections from it as usual. JSSE will do the rest.
来源:https://stackoverflow.com/questions/16225051/how-to-verify-a-certificate-using-keytool