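import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.ServerSocket;
import java.net.Socket;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.net.ServerSocketFactory;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLServerSocketFactory;

/**
 * Manual reproducer for a JNDI LDAP client talking {@code ldaps://} to a local TLS stub that
 * accepts the TCP connection and then stays silent for ten seconds.
 *
 * <p>The client is configured with a 3000 ms connect timeout, which is shorter than the stub's
 * delay. Presumably the intent is to observe how the LDAP provider behaves when the TLS
 * handshake cannot complete in time; the source does not state the expected outcome.
 *
 * <p>The program asserts nothing itself: whatever {@link InitialLdapContext} throws propagates
 * out of {@link #main}, and {@link TestServer#isExceptionThrown()} is never consulted.
 */
public class SSLHandshakeFailure {

    /**
     * Keystore used when {@code javax.net.ssl.keyStore} / {@code javax.net.ssl.trustStore} are
     * not supplied on the command line. This is an absolute path on the author's machine, so on
     * any other host pass the properties with {@code -D} instead.
     * NOTE(review): the file name suggests a certificate carrying a SubjectAltName, presumably
     * so LDAPS endpoint identification against {@code localhost} succeeds; confirm.
     */
    private static final String DEFAULT_STORE_PATH =
            "/Users/weibxiao/dev/java-core-library/core-lib-test/out/production/core-lib-test/ldap/ksWithSAN";

    /** Fixture password of the default store; only applied when none was supplied with -D. */
    private static final String DEFAULT_STORE_PASSWORD = "welcome1";

    /**
     * Configures the TLS stores, starts the stub server and runs one client connection.
     *
     * @param args unused
     * @throws Exception whatever the LDAP client or the server set-up throws
     */
    public static void main(String[] args) throws Exception {
        setKeyStrore();
        // TestServer is AutoCloseable; closing it releases the listening port even when the
        // client attempt below fails with an exception.
        try (TestServer server = new TestServer()) {
            server.start();
            test("ldaps://localhost:" + server.getPortNumber());
        }
        // throw new Exception("test failed");
    }

    /**
     * Opens and immediately closes an LDAP context against {@code url} using a simple bind.
     *
     * @param url the {@code ldaps://} provider URL of the stub server
     * @throws Exception if the context cannot be created or closed
     */
    private static void test(String url) throws Exception {
        Hashtable<String, Object> env = new Hashtable<>(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put("java.naming.ldap.version", "3");

        // Knobs the author left disabled; kept for experimenting with the reproducer.
        // String socketFactory= CustomSocketFactory.class.getName();
        // env.put("java.naming.ldap.factory.socket", CustomSocketFactory.class.getName());
        // env.put("com.sun.jndi.ldap.read.timeout", "5000");
        // env.put("com.sun.jndi.ldap.connect.pool.protocol", "ssl plain");
        // env.put("com.sun.jndi.ldap.connect.pool", "true");

        // Milliseconds; deliberately shorter than the stub server's ten-second stall.
        env.put("com.sun.jndi.ldap.connect.timeout", "3000");

        // Fixture credentials. The stub never inspects them: it discards the request bytes and
        // answers with a canned "success" BindResponse. A simple bind sends the password as-is,
        // so outside this fixture it relies entirely on the TLS channel for confidentiality.
        env.put(Context.SECURITY_AUTHENTICATION, "Simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=orcladmin");
        env.put(Context.SECURITY_CREDENTIALS, "password1");

        System.setProperty("com.sun.jndi.ldap.connect.pool.debug", "all");

        LdapContext ctx = new InitialLdapContext(env, null);
        ctx.close();
    }

    /**
     * Points the JVM-wide default key store and trust store at the same file.
     *
     * <p>Values already supplied with {@code -Djavax.net.ssl.*} are left untouched, so the
     * reproducer can run on another machine, or with another store password, without editing
     * the source. These system properties are process-wide: every TLS connection created from
     * the default SSL context in this JVM is affected, not only the LDAP client.
     */
    private static void setKeyStrore() {
        setIfAbsent("javax.net.ssl.keyStore", DEFAULT_STORE_PATH);
        setIfAbsent("javax.net.ssl.keyStorePassword", DEFAULT_STORE_PASSWORD);
        setIfAbsent("javax.net.ssl.trustStore", DEFAULT_STORE_PATH);
        setIfAbsent("javax.net.ssl.trustStorePassword", DEFAULT_STORE_PASSWORD);
    }

    /** Sets system property {@code key} to {@code value} unless it already has a value. */
    private static void setIfAbsent(String key, String value) {
        if (System.getProperty(key) == null) {
            System.setProperty(key, value);
        }
    }

    /**
     * Single-connection TLS stub: accepts one client, stalls, then replies to the first request
     * with a fixed LDAP BindResponse and drains everything that follows.
     */
    static class TestServer extends Thread implements AutoCloseable {

        /**
         * BER-encoded LDAPMessage: messageID 1, BindResponse with resultCode 0 (success),
         * empty matchedDN and empty diagnosticMessage.
         */
        private static final byte[] BIND_RESPONSE = {
            0x30, 0x0C, 0x02, 0x01, 0x01, 0x61, 0x07,
            0x0A, 0x01, 0x00, 0x04, 0x00, 0x04, 0x00
        };

        private final ServerSocket serverSocket;
        private final int port;
        // Written by the server thread, read by other threads, hence volatile.
        private volatile boolean exceptionThrown;

        /**
         * Binds a TLS server socket to an ephemeral port using the JVM's default SSL context.
         *
         * @throws IOException if the socket cannot be created
         */
        TestServer() throws IOException {
            ServerSocketFactory factory = SSLServerSocketFactory.getDefault();
            // NOTE(review): createServerSocket(port) binds the wildcard address, so the stub is
            // reachable from other hosts while it runs; bind to loopback if that matters.
            serverSocket = factory.createServerSocket(0);
            port = serverSocket.getLocalPort();
            setDaemon(true); // never keep the JVM alive once main returns
        }

        /** Returns the ephemeral port the stub is listening on. */
        public int getPortNumber() {
            return port;
        }

        /** Returns whether the server side observed an {@link SSLHandshakeException}. */
        public boolean isExceptionThrown() {
            return exceptionThrown;
        }

        /**
         * Serves exactly one connection. The sleep happens before any stream I/O, and a
         * server-side SSL socket only starts its handshake on first I/O, so the client gets
         * no handshake reply for ten seconds.
         */
        @Override
        public void run() {
            try (Socket socket = serverSocket.accept()) {
                Thread.sleep(10000);
                try (InputStream in = socket.getInputStream();
                     OutputStream out = socket.getOutputStream()) {
                    // Consume the bind request: one blocking read, then whatever is buffered.
                    if (in.read() != -1) {
                        in.skip(in.available());
                    }
                    out.write(BIND_RESPONSE);
                    out.flush();
                    // Discard any further requests until the client closes the connection.
                    while (in.read() != -1) {
                        in.skip(in.available());
                    }
                }
            } catch (SSLHandshakeException handshakeFailure) {
                exceptionThrown = true;
            } catch (InterruptedException interrupted) {
                // Preserve the interrupt status for whoever owns this thread.
                Thread.currentThread().interrupt();
            } catch (Exception ignored) {
                // Best-effort stub: any other failure simply ends the server thread.
            }
        }

        /**
         * Closes the listening socket.
         *
         * @throws IOException if closing the socket fails
         */
        @Override
        public void close() throws IOException {
            serverSocket.close();
        }
    }
}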