4ndrej / SSLPoke.java
Created

Embed URL

HTTPS clone URL

SSH clone URL

You can clone with HTTPS or SSH.

Download Gist

Test of java SSL / keystore / cert setup. Check the commet #1 for howto.

View SSLPoke.java
Raw
File suppressed. Click to show.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 
import javax.net.ssl.SSLSocket;

import javax.net.ssl.SSLSocketFactory;

import java.io.*;

 

/** Establish a SSL connection to a host and port, writes a byte and

 * prints the response. See

 * http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services

 */

public class SSLPoke {

    public static void main(String[] args) {

        if (args.length != 2) {

            System.out.println("Usage: "+SSLPoke.class.getName()+" <host> <port>");

            System.exit(1);

        }

        try {

            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();

            SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(args[0], Integer.parseInt(args[1]));

 

            InputStream in = sslsocket.getInputStream();

            OutputStream out = sslsocket.getOutputStream();

 

            // Write a test byte to get a reaction :)

            out.write(1);

 

            while (in.available() > 0) {

                System.out.print(in.read());

            }

            System.out.println("Successfully connected");

 

        } catch (Exception exception) {

            exception.printStackTrace();

        }

    }

}
Owner
4ndrej commented

Test of java SSL / keystore / cert setup. Came from https://confluence.atlassian.com/download/attachments/117455/SSLPoke.java

Usage:

  1. extract cert from server:
    openssl s_client -connect server:443

  2. negative test cert / keytool:
    java SSLPoke server 443
    you should get something like
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

  3. import cert into default keytool:
    keytool -import -alias alias.server.com -keystore $JAVA_HOME/jre/lib/security/cacerts

  4. positive test cert / keytool:
    java SSLPoke server 443
    you should get this:
    Successfully connected

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.