우선 jdk5에서 tls1.2 연결을 위해서 bouncy castle를 사용해보았습니다.
TlsClientTest 소스로 테스트를 해보았지만, 결국 아래와 같은 오류를 만나고 말았습니다.
TLS client negotiated TLS 1.2
TLS client received server certificate chain of length 3
fingerprint:SHA-256 83:9E:08:A5:4F:CC:73:F7:F8:DE:2E:23:89:DB:40:E1:B5:E1:E4:9E:6C:33:4C:A8:EE:30:68:01:76:4F:ED:69 (C=KR,ST=Seoul,L=Yeongdeungpo-gu,O=GS Ho me Shopping Inc.,OU=IT Team,CN=*.gsshop.com)
fingerprint:SHA-256 9A:5E:EC:EE:9C:7D:89:8B:D8:1D:C3:BF:06:6D:AF:6A:EF:B8:DB :1C:59:67:62:06:D2:BF:DD:68:23:12:C6:F6 (C=US,O=DigiCert Inc,OU=www.digicert.com ,CN=Thawte RSA CA 2018)
fingerprint:SHA-256 43:48:A0:E9:44:4C:78:CB:26:5E:05:8D:5E:89:44:B4:D8:4F:96 :62:BD:26:DB:25:7F:89:34:A4:43:C7:01:61 (C=US,O=DigiCert Inc,OU=www.digicert.com ,CN=DigiCert Global Root CA)
TLS client raised alert: fatal(2), internal_error(80)
> Failed to read record
java.lang.NullPointerException
at java.io.Reader.<init>(Reader.java:61)
at java.io.InputStreamReader.<init>(InputStreamReader.java:55)
at TlsTestUtils.loadPemResource(TlsTestUtils.java:478)
at TlsTestUtils.loadCertificateResource(TlsTestUtils.java:368)
at TlsTestUtils.getTrustedCertPath(TlsTestUtils.java:502)
at MockTlsClient$1.notifyServerCertificate(MockTlsClient.java:128)
at org.bouncycastle.tls.TlsUtils.processServerCertificate(Unknown Source )
at org.bouncycastle.tls.TlsClientProtocol.handleServerCertificate(Unknow n Source)
at org.bouncycastle.tls.TlsClientProtocol.handleHandshakeMessage(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.processHandshakeQueue(Unknown Source )
at org.bouncycastle.tls.TlsProtocol.processRecord(Unknown Source)
at org.bouncycastle.tls.RecordStream.readRecord(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.safeReadRecord(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.blockForHandshake(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.connect(Unknown Source)
at TlsClientTest.openTlsConnection(TlsClientTest.java:62)
at TlsClientTest.main(TlsClientTest.java:30)
Exception in thread "main" org.bouncycastle.tls.TlsFatalAlert: internal_error(80)
at org.bouncycastle.tls.TlsProtocol.safeReadRecord(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.blockForHandshake(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.connect(Unknown Source)
at TlsClientTest.openTlsConnection(TlsClientTest.java:62)
at TlsClientTest.main(TlsClientTest.java:30)
Caused by: java.lang.NullPointerException
at java.io.Reader.<init>(Reader.java:61)
at java.io.InputStreamReader.<init>(InputStreamReader.java:55)
at TlsTestUtils.loadPemResource(TlsTestUtils.java:478)
at TlsTestUtils.loadCertificateResource(TlsTestUtils.java:368)
at TlsTestUtils.getTrustedCertPath(TlsTestUtils.java:502)
at MockTlsClient$1.notifyServerCertificate(MockTlsClient.java:128)
at org.bouncycastle.tls.TlsUtils.processServerCertificate(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.handleServerCertificate(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.handleHandshakeMessage(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.processHandshakeQueue(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.processRecord(Unknown Source)
at org.bouncycastle.tls.RecordStream.readRecord(Unknown Source)
... 5 more
많은 삽질을 하며 시간을 보내다가,
다시 원점으로 돌아가서 왜와 환경에 대하여 고민하였습니다.
꼭 jdk5 에서 접근해야 할까? Linux환경이라면 curl이라는 훌륭한 툴을 이용하면 어떨까?
결국 Curl을 Java에서 Command Line으로 실행하는 코드를 만들었습니다.
import java.lang.Process;
import java.lang.Runtime;
import java.io.InputStreamReader;
import java.io.BufferedReader;
import java.io.IOException;
public class CurlJavaTest {
public static void main(String[] args) throws java.lang.InterruptedException {
String output = "";
String command = "curl -k http://gsshop.com";
try {
Process p = Runtime.getRuntime().exec(command);
p.waitFor();
BufferedReader reader = new BufferedReader(new InputStreamReader(p.getInputStream()));
String line = "";
while ((line = reader.readLine()) != null) {
output = output.concat(line + "\n");
}
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
System.out.println(output);
}
}
생각의 관점을 바꾸어서 시도해보면 좋은 결과가 나오기도 하네요.
'JAVA > LIBRARY' 카테고리의 다른 글
jdk5와 https tls1.2 연동 삽질 후기 (0) | 2021.07.09 |
---|---|
Srping Batch Meta 정보를 조회하는 기능입니다. (0) | 2021.06.28 |
다른 위치의 DB 테이블 복사 기능 만들기 (0) | 2017.10.27 |
[벤치 마크 라이브러리]JMH (0) | 2016.01.26 |
[Lombok]사용 설명 (0) | 2015.07.21 |
[easyExcelMaker] 쉽게 만드는 Excel (0) | 2014.07.22 |