!!!Java TLS

Eine bestehende Socket-Verbindung auf SSL umstellen.

Lösung: STARTTLS senden.

Nur muss man den Socket (von Plain auf  SSL umstellen) 

{{{
    // ich erlaube mal einfach alles 
    TrustManager[] trustAllCerts = new TrustManager[] {
        new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }
    };
    SSLContext sc;
    sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, new SecureRandom());
    SSLSocketFactory factory = sc.getSocketFactory();
    SSLSocket cmdSocket = (SSLSocket) factory.createSocket(gw, server, 25, false);
    System.out.println("Enabling all available cipher suites...");
    String[] suites = cmdSocket.getSupportedCipherSuites();
    cmdSocket.setEnabledCipherSuites(suites);
    System.out.println("Registering a handshake listener...");
    cmdSocket.addHandshakeCompletedListener(new HandshakeCompletedListener() {
        @Override
        public void handshakeCompleted(HandshakeCompletedEvent e) {
            System.out.println("ALL IS DONE GA");
            System.out.println("Using cipher suite: " + e.getCipherSuite());
        }
    });
    cmdSocket.startHandshake();
}}}

!!Links
* http://juliusdavies.ca/commons-ssl/ssl.html
* http://www.java2s.com/Code/JavaAPI/javax.net.ssl/SSLSocketstartHandshake.htm
* http://qmail.jms1.net/test-auth.shtml
* [Erläuterungen zu Certificate-Dateiformaten|http://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file]
* JavaMail enthält auch noch ein paar Tips zum Umgang mit Zertifikaten in Java

\\
[{Tag Java Crypto SSL}]