Last active
March 11, 2025 11:10
-
Star
(277)
You must be signed in to star a gist -
Fork
(106)
You must be signed in to fork a gist
-
-
Save 4ndrej/4547029 to your computer and use it in GitHub Desktop.
Test of java SSL / keystore / cert setup. Check the comment #1 for howto.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import javax.net.ssl.SSLParameters; | |
| import javax.net.ssl.SSLSocket; | |
| import javax.net.ssl.SSLSocketFactory; | |
| import java.io.*; | |
| /** Establish a SSL connection to a host and port, writes a byte and | |
| * prints the response. See | |
| * http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services | |
| */ | |
| public class SSLPoke { | |
| public static void main(String[] args) { | |
| if (args.length != 2) { | |
| System.out.println("Usage: "+SSLPoke.class.getName()+" <host> <port>"); | |
| System.exit(1); | |
| } | |
| try { | |
| SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); | |
| SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(args[0], Integer.parseInt(args[1])); | |
| SSLParameters sslparams = new SSLParameters(); | |
| sslparams.setEndpointIdentificationAlgorithm("HTTPS"); | |
| sslsocket.setSSLParameters(sslparams); | |
| InputStream in = sslsocket.getInputStream(); | |
| OutputStream out = sslsocket.getOutputStream(); | |
| // Write a test byte to get a reaction :) | |
| out.write(1); | |
| while (in.available() > 0) { | |
| System.out.print(in.read()); | |
| } | |
| System.out.println("Successfully connected"); | |
| } catch (Exception exception) { | |
| exception.printStackTrace(); | |
| System.exit(1); | |
| } | |
| } | |
| } |
fyi, I use this with this CLI:
java -Djavax.net.ssl.trustStore=/path/to/store/LdapSSLKeyStore.jks -Djavax.net.ssl.trustStorePassword=123 -Djavax.net.ssl.trustStoreType=jks SSLPoke myserver.local 443
#or with debug and force certain protocol
java -Djavax.net.ssl.trustStore=/path/to/store/LdapSSLKeyStore.jks -Djavax.net.ssl.trustStorePassword=123 -Djavax.net.ssl.trustStoreType=jks -Djavax.net.debug=ssl:handshake:verbose -Djdk.tls.client.protocols=TLSv1 -Dhttps.protocols=TLSv1 SSLPoke myserver.local 443java -Djavax.net.ssl.trustStore=/path/to/store/LdapSSLKeyStore.jks -Djavax.net.ssl.trustStorePassword=123 -Djavax.net.ssl.trustStoreType=jks SSLPoke
Very cool. Exactly what I was looking for. Thanks!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Been a while since I looked at Java, like about a year after it came out... Thanks for the assistance, turns out I solved the problem without using this tool