1.生成根证书、服务端证书、客户端证书
1.1 生成CA根证书
生成跟证书私钥root_private.key
openssl genrsa -out root_private.key 1024
(私钥中包含附加信息,可推到出公钥。使用私钥生成的证书包含对应公钥)生成根证书签发请求文件root.csr
openssl req -new -key root_private.key -out root.csr -subj "/C=CN/ST=GuangDong/L=ShenZhen/O=Test company/OU=Test company/CN=Test company"生成X.509格式的CA根证书root.crt
openssl x509 -req -days 365 -in root.csr -out root.crt -signkey root_private.key根据root.crt证书生成truststore JKS文件root.truststore,输入秘钥库密码123456。
这一步只针对双向认证,单向不需要。
keytool -keystore root.truststore -import -trustcacerts -file root.crt
输入yes,信任此证书。
1.2 使用根证书签发服务端证书
(正常是先签发二级证书,由二级证书对服务端签发)
生成服务端私钥文件server_private.key
openssl genrsa -out server_private.key 1024签名请求文件server.csr
openssl req -new -key server_private.key -out server.csr -subj "/C=CN/ST=GuangDong/L=ShenZhen/O=test-server/OU=test-server/CN=test-server"使用根证书签发服务端证书server.crt
openssl x509 -req -days 365 -sha1 -CA root.crt -CAkey root_private.key -CAserial ca.srl -CAcreateserial -in server.csr -out server.crt查看证书信息
openssl x509 -in server.crt -text -noout将服务端证书转换为pkcs12格式,密码123456
openssl pkcs12 -export -in server.crt -inkey server_private.key -out server.p12生成服务端秘钥库server.keystore,秘钥库密码也为123456
keytool -importkeystore -srckeystore server.p12 -destkeystore server.keystore -srcstoretype pkcs12查看keystore
keytool -list -v -keystore server.keystore
1.3 使用根证书签发客户端证书
生成客户端私钥文件client_private.key
openssl genrsa -out client_private.key 1024签名请求文件client.csr
openssl req -new -key client_private.key -out client.csr -subj "/C=CN/ST=GuangDong/L=ShenZhen/O=test-client/OU=test-client/CN=test-client"使用根证书签发客户端证书client.crt
openssl x509 -req -days 365 -sha1 -CA root.crt -CAkey root_private.key -CAserial ca.srl -CAcreateserial -in client.csr -out client.crt证书转换为pkcs12格式,密码123456
以上生成的公私钥和证书都是PEM格式的,服务端、浏览器一般使用PKCS12格式。
openssl pkcs12 -export -in client.crt -inkey client_private.key -out client.p12查看证书信息
openssl x509 -in client.crt -text -noout
openssl pkcs12 -in client.p12 -info
2.校验自签发证书:单向和双向
2.1 访问CA中心颁发证书的网站
知名CA中心的证书都会预制到系统或浏览器中,无需特别处理,会自行查询验证。例如百度使用的证书,就是CA中心颁发的,如下三行代码即可实现访问。
URL url = new URL("https://www.baidu.com");
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();
InputStream in = urlConnection.getInputStream();
2.2 本机搭建tomcat服务,用于https服务端验证
- 从http://tomcat.apache.org下载压缩包解压,执行bin目录下的startup.bat
(使用tomcat7,最新tomcat9的配置有改变,资料较少) - 启动成功后,在浏览器输入http://localhost:8080出现tomcat界面表示成功
2.3 自签证书的校验:单向验证
单向验证一般指客户端校验服务端证书,服务端并不检查客户端证书。
自签证书没有在系统中预制,需要自行实现校验。
2.3.1 首先服务端搭建https服务,并配置秘钥库server.keystore
- 将根证书颁发的server.keystore复制到tomcat的的conf目录
- 修改conf目录下的server.xml,添加clientAuth="false"、keystoreFile、keystorePass
- 访问https://localhost:8443/进行验证
2.3.2 信任域名,否则域名必须跟ca证书域名内容一致
追求更要高安全性可严格校验域名,但对以后域名更换有麻烦。
HostnameVerifier hnv = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
// Always return true,接受任意域名服务器
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
2.3.3 加载预制的root.crt根证书
root.crt用于验证服务端发送的证书是否有效,有没有被中间人篡改。
Certificate g_ca;
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = new BufferedInputStream(
new FileInputStream("C:\\xxx\\root-ca\\root.crt"));
g_ca = cf.generateCertificate(caInput);
2.3.4 自实现X509TrustManager的checkServerTrusted()
自签证书验证,需要自行实现X509TrustManager中的checkServerTrusted()回调函数,即下文的myTrustManager。
URL url = new URL("https://localhost:8443");
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();
//添加自定义证书校验myTrustManager
SSLContext sslcontext = SSLContext.getInstance("TLS");
TrustManager[] tm = { new myTrustManager() };
sslcontext.init(null, tm, null);
urlConnection.setSSLSocketFactory(sslcontext.getSocketFactory());
InputStream in = urlConnection.getInputStream();
- 检查证书是否过期
- 使用root.crt校验服务器发送的证书
class myTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
Exception error = null;
if (null == chain || 0 == chain.length)
{
error = new CertificateException("Certificate chain is invalid.");
}
else if (null == authType || 0 == authType.length())
{
error = new CertificateException("Authentication type is invalid.");
}
else
{
try
{
/* 自签名,服务端只发一个证书,可以不用检查证书链 */
// 检查证书是否过期
chain[0].checkValidity();
// 验证是否使用了指定公钥相对应的私钥签署了此证书
chain[0].verify(g_ca.getPublicKey());
} catch (NoSuchAlgorithmException e) {
error = e;
} catch (NoSuchProviderException e) {
error = e;
} catch (SignatureException e) {
error = e;
} catch (InvalidKeyException e) {
e.printStackTrace();
}
}
if (null != error)
{
throw new CertificateException(error);
}
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
2.4 自签证书的校验:双向验证
在单向的基础上,服务器端新增配置root.truststore,客户端新增client.p12证书。
2.4.1 服务端:添加客户端ca的根证书
- 将root.truststore复制到tomcat的的conf目录
- 修改conf目录下的server.xml,添加https服务,配置clientAuth="true"、root.truststore和密码
- 访问https://localhost:8443/进行验证
这时直接用浏览器就无法访问了,没有客户端证书返回给服务器,只能自己用代码实现访问。
2.4.2 客户端:添加PKCS12格式秘钥库
在单向验证的基础上添加PKCS12秘钥库,SSLContext初始化时将KeyManagerFactory设置进去。
URL url = new URL("https://localhost:8443");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
//添加PKCS12格式秘钥库,用于客户端发送证书给服务端
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(
new FileInputStream("C:\\xxx\\client-ca\\client.p12"),
"123456".toCharArray());// 密钥库的密码
String tmfAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
KeyManagerFactory kmf = KeyManagerFactory.getInstance(tmfAlgorithm);
kmf.init(keyStore, "123456".toCharArray());// 密钥库的密码
//添加自定义证书校验myTrustManager
SSLContext sslcontext = SSLContext.getInstance("TLS");
TrustManager[] tm = { new myTrustManager() };
sslcontext.init(kmf.getKeyManagers(), tm, null);
urlConnection.setSSLSocketFactory(sslcontext.getSocketFactory());
InputStream in = urlConnection.getInputStream();
2.5 证书校验异常汇总
2.5.1 单向认证:证书验证fail
假如被中间人攻击,服务端传过来的证书不是root ca签发的,那么会引发Signature does not match异常:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.SignatureException: Signature does not match.
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at app.testHttps$3.run(testHttps.java:129)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.cert.CertificateException: java.security.SignatureException: Signature does not match.
at app.testHttps$myTrustManager.checkServerTrusted(testHttps.java:186)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:922)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
... 14 more
Caused by: java.security.SignatureException: Signature does not match.
at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:449)
at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:392)
at app.testHttps$myTrustManager.checkServerTrusted(testHttps.java:172)
... 16 more
2.5.2 双向认证:客户端没有发送自己的证书
假如服务端开启了双向验证,避免非信任客户端连接,那么没有证书的客户端进行访问,会报recv failed异常:
java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
at java.net.SocketInputStream.read(SocketInputStream.java:170)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:961)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1757)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1083)
at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1191)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1103)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:344)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at app.testHttps$1.run(testHttps.java:82)
at java.lang.Thread.run(Thread.java:745)
2.5.3 双向认证:客户端发送的证书与服务端不匹配
加入客户端发送的证书不是服务端预制root证书签发的话,会报socket write error异常:
java.net.SocketException: Software caused connection abort: socket write error
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:109)
at java.net.SocketOutputStream.write(SocketOutputStream.java:153)
at sun.security.ssl.OutputRecord.writeBuffer(OutputRecord.java:431)
at sun.security.ssl.OutputRecord.write(OutputRecord.java:417)
at sun.security.ssl.SSLSocketImpl.writeRecordInternal(SSLSocketImpl.java:864)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:835)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:705)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1077)
at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1191)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1103)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:344)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at app.testHttps$3.run(testHttps.java:132)
at java.lang.Thread.run(Thread.java:745)
2.5.4 双向认证:服务端未开启双向,而客户端发送证书
这种情况不会报错,正常获取。