tags:

views:

390

answers:

2

I need to setup a really lightweight HTTPS server for a Java application. It's a simulator that's being used in our development labs to simulate the HTTPS connections accepted by a piece of equipment in the wild. Because it's purely a lightweight development tool and isn't used in production in any way at all I'm quite happy to bypass certifications and as much negotiation as I can.

I'm planning on using the HttpsServer class in Java6SE but I'm struggling to get it working. As a test client I'm using wget from the cygwin command line ('wget https://address:port') but wget reports that it was "Unable to establish SSL connection".

If I run wget with the -d option for debugging it tells me "SSL handshake failed".

I've spent 30 minutes googling this and everything seems to just point back to the fairly useless Java6 documentation that describes the methods but doesn't actually talk about how to get the darn thing talking or provide any example code at all.

Can anyone nudge me in the right direction?

+2  A: 

Maybe you need something like this one

http://www.herongyang.com/JDK/HTTPS-Server-Test-Program-HttpsHello.html

Eineki
That doesn't do quite what I'm after, but it certainly pointed me in the right direction. Thanks, Eineki.
Andrew
+1  A: 

What I eventually used was this:

        try
        {
            // setup the socket address
            InetSocketAddress address = new InetSocketAddress ( InetAddress.getLocalHost (), config.getHttpsPort () );

            // initialise the HTTPS server
            HttpsServer httpsServer = HttpsServer.create ( address, 0 );
            SSLContext sslContext = SSLContext.getInstance ( "TLS" );

            // initialise the keystore
            char[] password = "simulator".toCharArray ();
            KeyStore ks = KeyStore.getInstance ( "JKS" );
            FileInputStream fis = new FileInputStream ( "lig.keystore" );
            ks.load ( fis, password );

            // setup the key manager factory
            KeyManagerFactory kmf = KeyManagerFactory.getInstance ( "SunX509" );
            kmf.init ( ks, password );

            // setup the trust manager factory
            TrustManagerFactory tmf = TrustManagerFactory.getInstance ( "SunX509" );
            tmf.init ( ks );

            // setup the HTTPS context and parameters
            sslContext.init ( kmf.getKeyManagers (), tmf.getTrustManagers (), null );
            httpsServer.setHttpsConfigurator ( new HttpsConfigurator( sslContext )
            {
                public void configure ( HttpsParameters params )
                {
                    try
                    {
                        // initialise the SSL context
                        SSLContext c = SSLContext.getDefault ();
                        SSLEngine engine = c.createSSLEngine ();
                        params.setNeedClientAuth ( false );
                        params.setCipherSuites ( engine.getEnabledCipherSuites () );
                        params.setProtocols ( engine.getEnabledProtocols () );

                        // get the default parameters
                        SSLParameters defaultSSLParameters = c.getDefaultSSLParameters ();
                        params.setSSLParameters ( defaultSSLParameters );
                    }
                    catch ( Exception ex )
                    {
                        ILogger log = new LoggerFactory ().getLogger ();
                        log.exception ( ex );
                        log.error ( "Failed to create HTTPS port" );
                    }
                }
            } );
            LigServer server = new LigServer ( httpsServer );
            joinableThreadList.add ( server.getJoinableThread () );
        }
        catch ( Exception exception )
        {
            log.exception ( exception );
            log.error ( "Failed to create HTTPS server on port " + config.getHttpsPort () + " of localhost" );
        }
Andrew