基於SSL的RMI：握手失敗

Question

嗨，我剛開始使用SSL，我想提出一個非常簡單的例子，這裏是代碼：

接口。

package tpfinal; 

import java.rmi.Remote; 
import java.rmi.RemoteException; 

public interface CentralTimeService extends Remote { 

    int PORT = 8844; 

    long getTime() throws RemoteException; 

} 

客戶：

package tpfinal; 

import java.rmi.AccessException; 
import java.rmi.NotBoundException; 
import java.rmi.RemoteException; 
import java.rmi.registry.LocateRegistry; 
import java.rmi.registry.Registry; 
import java.text.SimpleDateFormat; 
import java.util.Date; 

import javax.rmi.ssl.SslRMIClientSocketFactory; 

public class CentralTimeServiceClient { 

public static void main(String[] args) { 
try { 
      System.setProperty("javax.net.ssl.keyStore","C:\\Users\\luciano\\workspace\\Distribuida\\bin\\keystore"); 
       System.setProperty("javax.net.ssl.keyStorePassword","123456"); 
       System.setProperty("javax.net.ssl.trustStore","C:\\Users\\luciano\\workspace\\Distribuida\\bin\\truststore"); 
       System.setProperty("javax.net.ssl.trustStorePassword","123456"); 
       Registry registry = LocateRegistry.getRegistry(null, CentralTimeService.PORT, new SslRMIClientSocketFactory()); 
       CentralTimeService cts = (CentralTimeService) registry.lookup("CentralTimeService"); 
       //Invocamos llamada RMI 

long serverTime = cts.getTime(); 
System.out.println(serverTime); 

System.out.println("Central server time is: " + SimpleDateFormat.getDateInstance().format(new Date(serverTime))); 

} catch (AccessException e) { 
e.printStackTrace(); 
} catch (RemoteException e) { 
e.printStackTrace(); 
} catch (NotBoundException e) { 
e.printStackTrace(); 
} 

     } 

    } 

服務器：

包tpfinal;

import java.rmi.RemoteException; 
import java.rmi.registry.LocateRegistry; 
import java.rmi.registry.Registry; 
import java.rmi.server.UnicastRemoteObject; 

import javax.rmi.ssl.SslRMIClientSocketFactory; 
import javax.rmi.ssl.SslRMIServerSocketFactory; 

public class CentralTimeServiceImpl extends UnicastRemoteObject implements CentralTimeService { 

    protected CentralTimeServiceImpl() throws RemoteException{ 
     super(0, new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory(null, null, true)); 
     System.setProperty("javax.net.ssl.keyStore","C:\\Users\\luciano\\workspace\\Distribuida\\bin\\keystore"); 
     System.setProperty("javax.net.ssl.keyStorePassword","123456"); 
     System.setProperty("javax.net.ssl.trustStore","C:\\Users\\luciano\\workspace\\Distribuida\\bin\\truststore"); 
     System.setProperty("javax.net.ssl.trustStorePassword","123456"); 
    } 

    @Override 
    public long getTime() throws RemoteException { 
     return System.currentTimeMillis(); 
    } 

    public static void main(String[] args) { 
     try { 
      Registry registry = LocateRegistry.getRegistry(null, CentralTimeService.PORT, new SslRMIClientSocketFactory()); 
      CentralTimeServiceImpl ctsi = new CentralTimeServiceImpl(); 
      registry.bind("CentralTimeService", ctsi); 

      System.out.println("Central time service bound in registry"); 
     } catch (Exception e) { 
      System.out.println("Central time error: " + e.getMessage()); 
      e.printStackTrace(); 
     } 

    } 



} 

最後的RMIREGISTRY：

package tpfinal; 

import java.rmi.registry.LocateRegistry; 

import javax.rmi.ssl.SslRMIClientSocketFactory; 
import javax.rmi.ssl.SslRMIServerSocketFactory; 

public class RmiRegistry { 

    public static void main(String[] args) throws Exception { 
     LocateRegistry.createRegistry(CentralTimeService.PORT,new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory(null, null, true)); 
     System.out.println("Rmi Registry running on port " + CentralTimeService.PORT); 
     System.setProperty("javax.net.ssl.keyStore","C:\\Users\\luciano\\workspace\\Distribuida\\bin\\keystore"); 
     System.setProperty("javax.net.ssl.keyStorePassword","123456"); 
     System.setProperty("javax.net.ssl.trustStore","C:\\Users\\luciano\\workspace\\Distribuida\\bin\\truststore"); 
     System.setProperty("javax.net.ssl.trustStorePassword","123456"); 
     //Sleep 
     Thread.sleep(Long.MAX_VALUE); 
    } 

} 

當我執行註冊表工作正常，但是當我執行服務器給我這個錯誤，我想不通爲什麼。

Central time error: error during JRMP connection establishment; nested exception is: 
    javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: 
    javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
    at sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown Source) 
    at sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown Source) 
    at sun.rmi.server.UnicastRef.newCall(Unknown Source) 
    at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source) 
    at tpfinal.CentralTimeServiceImpl.main(CentralTimeServiceImpl.java:31) 
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
    at sun.security.ssl.Alerts.getSSLException(Unknown Source) 
    at sun.security.ssl.Alerts.getSSLException(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) 
    at sun.security.ssl.AppOutputStream.write(Unknown Source) 
    at java.io.BufferedOutputStream.flushBuffer(Unknown Source) 
    at java.io.BufferedOutputStream.flush(Unknown Source) 
    at java.io.DataOutputStream.flush(Unknown Source) 

任何幫助，請提前致謝。

Answer 1

1. 您需要將所有的來電System.setProperty()註冊表中的類，從而創建Registry之前執行它們。

2. 您需要將服務器中的所有System.setProperty()調用移動到main()方法，並在獲取Registry對象之前執行它們。