需要关于自签名SSL和Java的建议
有几次有关如何使用Java处理自签名证书的问题,往往会提供实现。但是,我不确定这些实现会给我我正在寻找的安全/信任。
Issues have been asked many times about how to handle self-signed certificates with Java and implementations are often provided. However, I'm not sure that these implementations will give me the security/trust I am looking for.
我的情况如下:我有一个客户端程序连接到我们的服务器应用这两个都是我们完全控制的。我们的客户邮件是一个使用https到我们服务器上的URL的流,服务器响应。目前(这是我正在修复的)服务器有一个自签名证书。 Java不喜欢这个和只有测试,我们几乎完全忽略证书,通过信任任何证书。
My circumstance is as follows: I have a client program connecting to our server application. Both of these we have complete control over. Our client post's a stream using https to a URL at our server, and the server responds. Currently (and this is what I'm trying to fix) the server has a self signed certificate. Java doesn't like this and FOR TESTING ONLY, we are pretty much ignoring the certificate altogether by trusting any certificate.
我对SSL知之甚少我的老板说,我们可以使用我们的自签名证书,只要我们不做我们的隐私,这将是安全的。关键公众。这听起来对我来说是正确的,但很多帖子表示,自签名证书自动容易受到中间人的攻击。这是否意味着SSL发送地址。密钥以及证书?
I have little knowledge of SSL. My boss says we can use our self-signed certificate and it will be secure as long we don't make our crypt. key public. This sounds correct to me, but a lot of posts say self-signed cert's are automatically vulnerable to man-in-the-middle attacks. Does this mean SSL sends the crypt. key along with the certificate?
由于我们控制了两端,我们应该使用密钥加密我们的数据,并使用我们的密钥对其进行解密?还是有理由使用SSL?
Since we have control over both ends, should we just encrypt our data ourselves with a secret key, and decrypt it at the end using our key? Or is there reason to use SSL?
而不是盲目信任任何证书(这将使连接容易受到MITM攻击) ,配置您的Java客户端信任该特定的证书。自签名证书本身并不会使SSL / TLS连接容易受到MITM攻击的攻击,它们只是使其分发和对这种特定部署更具体的信任评估(即必须手动配置)。
Instead of trusting any certificate blindly (which would make the connection vulnerable to MITM attacks), configure your Java client to trust that particular certificate. Self-signed certificates do not inherently make SSL/TLS connections vulnerable to MITM attacks, they just make their distribution and the evaluation of trust more specific to this particular deployment (i.e. you have to configure it manually).
您可以至少3种方式(为您选择最简单的方法,我建议点号#2):
You can do this in at least 3 ways (pick the easiest one for you, I'd suggest bullet point #2):
- 将您的服务器证书导入客户端的全局信任存储(您的JRE目录中的
lib / security / cacerts)。这将使所有的应用程序与此JRE信任该证书一起运行。 - 将服务器证书导入到另一个信任库(可能是本地副本
lib / security / cacerts),并使此特定应用程序使用此信任库。这可以使用javax.net.ssl.trustStore系统属性来完成。 - 使您的客户端应用程序使用
SSLContext用X509TrustManager初始化,配置为信任该证书:手动写入的东西或来自TrustManagerFactory的信任管理器通过加载包含该特定证书的本地密钥库(如以前的方法)初始化。
- Import the server certificate into your client's global trust store (
lib/security/cacertsin your JRE directory). This will make all applications run with this JRE trust this certificate. - Import the server certificate into another truststore (possibly a local copy of
lib/security/cacerts) and make this particular application use this truststore. This can be done using thejavax.net.ssl.trustStoresystem properties. - Make your client application use an
SSLContextinitialised with anX509TrustManagerconfigured to trust that certificate: either something written manually or a trust manager coming fromTrustManagerFactoryinitialised by loading a local keystore that contains that particular certificate (as in the previous method).
您将在 JSSE参考指南。
(此答案为类似的问题应该给你提供一切正常的细节,特别是 keytool -import ... 。)
(This answer to a similar question should give you the details for doing all this properly, in particular keytool -import ....)