HTTPS Java

HTTPS server on Windows

1. download "Win32 Binary including OpenSSL 0.9.8r"

2. create certificate => http://www.neilstuff.com/apache/apache2-ssl-windows.htm

(file.key = private key, file.cert = self signed certificate + public key)

3. re-config https, restart apache and verify

HTTPS client by Java

1. Since java truststore does not use the same format, then we have to convert self-signed certificate from server using this command

c:\> keytool -import -file file.cert -storepass $PASS -keystore server.keystore

2. Error:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present

3. Add anonymous class :

con.setHostnameVerifier(new HostnameVerifier() {

@Override

public boolean verify(String hostname, SSLSession session) {

return true;

}

});

----- java code for https client -----

import java.net.*;
import java.io.*;
import javax.net.ssl.*;

public class HttpsClient {

 public static void main(String[] args) throws Exception {
     System.setProperty("javax.net.ssl.trustStore", "server.keystore");
     String httpsURL = "https://147.127.xxx.xx/serverCertificate";
     URL myurl = new URL(httpsURL);

  
     HttpsURLConnection con = (HttpsURLConnection) myurl.openConnection();    
     con.setHostnameVerifier(new HostnameVerifier() {
         @Override
         public boolean verify(String hostname, SSLSession session) {
             return true;
         }
     });    
     con.connect();
     InputStream ins = con.getInputStream();
     InputStreamReader isr = new InputStreamReader(ins);
     BufferedReader in = new BufferedReader(isr);
     String inputLine;

     while ((inputLine = in.readLine()) != null) {
         System.out.println(inputLine);
     }

     in.close();
 }
}

Note: Just use for testing, it is not suitable for real deployment.

Event Java

My Simple example with 4 classes for understanding how event and eventListener work together.

------------------------------
package myevents;
import java.util.EventObject;

public class MyEvent extends EventObject {

private static final long serialVersionUID = 5736098458773344230L;
private Object data;

public MyEvent(Object source, Object _data)    {
 super(source);
 data = _data;
}

public Object getData()    {
 return data;
}
}
-------------------------------
package myevents;
import java.util.EventListener;

public interface MyEventListener extends EventListener    {
public void myEventHappend(MyEvent e);
}
------------------------------
package myevents;
public class PracticalInterface implements MyEventListener    {

@Override
public void myEventHappend(MyEvent e) {
  System.out.println((String) e.getData());
}
}
------------------------------
package myevents;

import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.util.Vector;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JTextArea;

public class AppProgram extends JFrame {

private Vector listeners = new Vector();
private JTextArea _tar  = new JTextArea(22,40);
private JButton _bt1    = new JButton("Yeah");
private JButton _bt2    = new JButton("Yoo");

public AppProgram()    {
super("Application");
setLayout(new FlowLayout());
_bt1.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent arg0) {
shootEvent("Yeah !!");
}
});
_bt2.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent arg0) {
shootEvent("Yoo !?");
}
});
this.add(_tar);
this.add(_bt1);
this.add(_bt2);
}

public void addListener(MyEventListener l)    {
listeners.add(l);
}

public void removeListener(MyEventListener l)    {
listeners.remove(l);
}

public void shootEvent(String text)    {
MyEvent me = new MyEvent(this, text);
if (listeners.size() > 0)    {
((MyEventListener)listeners.firstElement()).myEventHappend(me);
}
}

public static void main(String[] args) {
AppProgram app = new AppProgram();
PracticalInterface lis = new PracticalInterface();
app.addListener(lis);
app.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
app.setSize(400,600);
app.setVisible(true);
}

}

จาก 

http://windygallery.wordpress.com/2010/02/18/events-and-eventlistener/

Keystore for TLS/SSL

create keystore (public/private key):

keytool -genkeypair -alias certificatekey -keyalg RSA -validity 7 -keystore keystore.jks




verify keystore:

keytool -list -v -keystore keystore.jks

create self signed certificate:

keytool -export -alias certificatekey -keystore keystore.jks -rfc -file selfsignedcert.cer

import certificate to trust store (public key):

keytool -import -alias certificatekey -file selfsignedcert.cer -keystore truststore.jks

verify trust store:

keytool -list -v -keystore truststore.jks

ตัวอย่าง code TLS/SSL Java

http://stilius.net/java/java_ssl.php

java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 EchoServer

เราสามารถใช้ option -Djavax.net.ssl.keyStore=... ใน netbeans ได้ โดยกำหนดที่ Run parameter และ ป้อนค่า options นี้ ลงไปใน VM options (ไม่ใช่ใน arguments อันนี้ สำหรับ args[] ของฟังก์ชัน main) จากนั้น ให้เก็บ file keyStore ใน project folder (parent ของ src)