1.生成根证书、服务端证书、客户端证书

1.1 生成CA根证书

1. 生成跟证书私钥root_private.key
   openssl genrsa -out root_private.key 1024
   (私钥中包含附加信息，可推到出公钥。使用私钥生成的证书包含对应公钥)

2. 生成根证书签发请求文件root.csr
   openssl req -new -key root_private.key -out root.csr -subj "/C=CN/ST=GuangDong/L=ShenZhen/O=Test company/OU=Test company/CN=Test company"

3. 生成X.509格式的CA根证书root.crt
   openssl x509 -req -days 365 -in root.csr -out root.crt -signkey root_private.key

4. 根据root.crt证书生成truststore JKS文件root.truststore，输入秘钥库密码123456。
   这一步只针对双向认证，单向不需要。
   keytool -keystore root.truststore -import -trustcacerts -file root.crt
   输入yes,信任此证书。

1.2 使用根证书签发服务端证书

(正常是先签发二级证书，由二级证书对服务端签发)

1. 生成服务端私钥文件server_private.key
   openssl genrsa -out server_private.key 1024

2. 签名请求文件server.csr
   openssl req -new -key server_private.key -out server.csr -subj "/C=CN/ST=GuangDong/L=ShenZhen/O=test-server/OU=test-server/CN=test-server"

3. 使用根证书签发服务端证书server.crt
   openssl x509 -req -days 365 -sha1 -CA root.crt -CAkey root_private.key -CAserial ca.srl -CAcreateserial -in server.csr -out server.crt

4. 查看证书信息
   openssl x509 -in server.crt -text -noout

5. 将服务端证书转换为pkcs12格式，密码123456
   openssl pkcs12 -export -in server.crt -inkey server_private.key -out server.p12

6. 生成服务端秘钥库server.keystore，秘钥库密码也为123456
   keytool -importkeystore -srckeystore server.p12 -destkeystore server.keystore -srcstoretype pkcs12

7. 查看keystore
   keytool -list -v -keystore server.keystore

1.3 使用根证书签发客户端证书

• 生成客户端私钥文件client_private.key
  openssl genrsa -out client_private.key 1024

• 签名请求文件client.csr
  openssl req -new -key client_private.key -out client.csr -subj "/C=CN/ST=GuangDong/L=ShenZhen/O=test-client/OU=test-client/CN=test-client"

• 使用根证书签发客户端证书client.crt
  openssl x509 -req -days 365 -sha1 -CA root.crt -CAkey root_private.key -CAserial ca.srl -CAcreateserial -in client.csr -out client.crt

• 证书转换为pkcs12格式，密码123456
  以上生成的公私钥和证书都是PEM格式的，服务端、浏览器一般使用PKCS12格式。
  openssl pkcs12 -export -in client.crt -inkey client_private.key -out client.p12

• 查看证书信息
  openssl x509 -in client.crt -text -noout
  openssl pkcs12 -in client.p12 -info

2.校验自签发证书：单向和双向

2.1 访问CA中心颁发证书的网站

知名CA中心的证书都会预制到系统或浏览器中，无需特别处理，会自行查询验证。例如百度使用的证书，就是CA中心颁发的，如下三行代码即可实现访问。

URL url = new URL("https://www.baidu.com");
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();
InputStream in = urlConnection.getInputStream();

2.2 本机搭建tomcat服务，用于https服务端验证

1. 从http://tomcat.apache.org下载压缩包解压，执行bin目录下的startup.bat
   (使用tomcat7，最新tomcat9的配置有改变，资料较少)
2. 启动成功后，在浏览器输入http://localhost:8080出现tomcat界面表示成功

2.3 自签证书的校验：单向验证

单向验证一般指客户端校验服务端证书，服务端并不检查客户端证书。

自签证书没有在系统中预制，需要自行实现校验。

2.3.1 首先服务端搭建https服务，并配置秘钥库server.keystore

• 将根证书颁发的server.keystore复制到tomcat的的conf目录
• 修改conf目录下的server.xml，添加clientAuth="false"、keystoreFile、keystorePass

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
            maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
            keystoreFile="conf/server.keystore"
            keystorePass="123456"
            clientAuth="false" sslProtocol="TLS" />

• 访问https://localhost:8443/进行验证

2.3.2 信任域名，否则域名必须跟ca证书域名内容一致
追求更要高安全性可严格校验域名，但对以后域名更换有麻烦。

HostnameVerifier hnv = new HostnameVerifier() {
    @Override
    public boolean verify(String hostname, SSLSession session) {
        // Always return true，接受任意域名服务器
        return true;
    }
};
HttpsURLConnection.setDefaultHostnameVerifier(hnv);

2.3.3 加载预制的root.crt根证书
root.crt用于验证服务端发送的证书是否有效，有没有被中间人篡改。

Certificate g_ca;

CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = new BufferedInputStream(
        new FileInputStream("C:\\xxx\\root-ca\\root.crt"));
g_ca = cf.generateCertificate(caInput);

2.3.4 自实现X509TrustManager的checkServerTrusted()
自签证书验证，需要自行实现X509TrustManager中的checkServerTrusted()回调函数，即下文的myTrustManager。

URL url = new URL("https://localhost:8443");
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();

//添加自定义证书校验myTrustManager
SSLContext sslcontext = SSLContext.getInstance("TLS");
TrustManager[] tm = { new myTrustManager() };

sslcontext.init(null, tm, null);
urlConnection.setSSLSocketFactory(sslcontext.getSocketFactory());

InputStream in = urlConnection.getInputStream();

• 检查证书是否过期
• 使用root.crt校验服务器发送的证书

class myTrustManager implements X509TrustManager {

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        Exception error = null;

        if (null == chain || 0 == chain.length)
        {
            error = new CertificateException("Certificate chain is invalid.");
        }
        else if (null == authType || 0 == authType.length())
        {
            error = new CertificateException("Authentication type is invalid.");
        }
        else
        {
            try
            {
                /* 自签名，服务端只发一个证书，可以不用检查证书链 */

                // 检查证书是否过期
                chain[0].checkValidity();

                // 验证是否使用了指定公钥相对应的私钥签署了此证书
                chain[0].verify(g_ca.getPublicKey());

            } catch (NoSuchAlgorithmException e) {
                error = e;
            } catch (NoSuchProviderException e) {
                error = e;
            } catch (SignatureException e) {
                error = e;
            } catch (InvalidKeyException e) {
                e.printStackTrace();
            }
        }
        if (null != error)
        {
            throw new CertificateException(error);
        }
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}

2.4 自签证书的校验：双向验证

在单向的基础上，服务器端新增配置root.truststore，客户端新增client.p12证书。

2.4.1 服务端：添加客户端ca的根证书

• 将root.truststore复制到tomcat的的conf目录
• 修改conf目录下的server.xml，添加https服务，配置clientAuth="true"、root.truststore和密码

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
            maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
            keystoreFile="conf/server.keystore"
            keystorePass="123456"
            truststoreFile="conf/root.truststore"
            truststorePass="123456"
            clientAuth="true" sslProtocol="TLS" />

• 访问https://localhost:8443/进行验证
  这时直接用浏览器就无法访问了，没有客户端证书返回给服务器，只能自己用代码实现访问。

2.4.2 客户端：添加PKCS12格式秘钥库
在单向验证的基础上添加PKCS12秘钥库，SSLContext初始化时将KeyManagerFactory设置进去。

URL url = new URL("https://localhost:8443");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();

//添加PKCS12格式秘钥库，用于客户端发送证书给服务端
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(
        new FileInputStream("C:\\xxx\\client-ca\\client.p12"),
        "123456".toCharArray());// 密钥库的密码
String tmfAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
KeyManagerFactory kmf = KeyManagerFactory.getInstance(tmfAlgorithm);
kmf.init(keyStore, "123456".toCharArray());// 密钥库的密码

//添加自定义证书校验myTrustManager
SSLContext sslcontext = SSLContext.getInstance("TLS");
TrustManager[] tm = { new myTrustManager() };


sslcontext.init(kmf.getKeyManagers(), tm, null);
urlConnection.setSSLSocketFactory(sslcontext.getSocketFactory());

InputStream in = urlConnection.getInputStream();

2.5 证书校验异常汇总

2.5.1 单向认证：证书验证fail
假如被中间人攻击，服务端传过来的证书不是root ca签发的，那么会引发Signature does not match异常：

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.SignatureException: Signature does not match.
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
        at app.testHttps$3.run(testHttps.java:129)
        at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.cert.CertificateException: java.security.SignatureException: Signature does not match.
        at app.testHttps$myTrustManager.checkServerTrusted(testHttps.java:186)
        at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:922)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
        ... 14 more
Caused by: java.security.SignatureException: Signature does not match.
        at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:449)
        at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:392)
        at app.testHttps$myTrustManager.checkServerTrusted(testHttps.java:172)
        ... 16 more

2.5.2 双向认证：客户端没有发送自己的证书
假如服务端开启了双向验证，避免非信任客户端连接，那么没有证书的客户端进行访问，会报recv failed异常：

java.net.SocketException: Software caused connection abort: recv failed
        at java.net.SocketInputStream.socketRead0(Native Method)
        at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
        at java.net.SocketInputStream.read(SocketInputStream.java:170)
        at java.net.SocketInputStream.read(SocketInputStream.java:141)
        at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
        at sun.security.ssl.InputRecord.read(InputRecord.java:503)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:961)
        at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1757)
        at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
        at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1083)
        at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1191)
        at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1103)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:344)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
        at app.testHttps$1.run(testHttps.java:82)
        at java.lang.Thread.run(Thread.java:745)

2.5.3 双向认证：客户端发送的证书与服务端不匹配
加入客户端发送的证书不是服务端预制root证书签发的话，会报socket write error异常：

java.net.SocketException: Software caused connection abort: socket write error
        at java.net.SocketOutputStream.socketWrite0(Native Method)
        at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:109)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:153)
        at sun.security.ssl.OutputRecord.writeBuffer(OutputRecord.java:431)
        at sun.security.ssl.OutputRecord.write(OutputRecord.java:417)
        at sun.security.ssl.SSLSocketImpl.writeRecordInternal(SSLSocketImpl.java:864)
        at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:835)
        at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:705)
        at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1077)
        at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1191)
        at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1103)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:344)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
        at app.testHttps$3.run(testHttps.java:132)
        at java.lang.Thread.run(Thread.java:745)

2.5.4 双向认证：服务端未开启双向，而客户端发送证书
这种情况不会报错，正常获取。