Jump to Navigation

Me on Twitter

  • The subway : probably the most insecure place to make a #ContactlessPayment http://t.co/bfQWmiN33K 10 years 35 weeks ago
  • Got my #nexus4 re-rooted after JB 4.3 update. Thanks to @WugFresh & co 10 years 37 weeks ago
  • All right. #AngryBirdsScore for Android updated to 1.0.2 : it now works with #AngryBirdsFriends. Enjoy ! http://t.co/jwjA4r4Ywb 10 years 37 weeks ago
  • Comment Bruxelles se prépare à enterrer la neutralité du Web http://t.co/ZH9gc4AuZg 10 years 38 weeks ago
  • Found #AngryBirdsFriends keys ! Stay tune for an update to #AngryBirdsScore... 10 years 38 weeks ago
  • #AngryBirdsScore app icon refreshed ! http://t.co/9QoXoKLPSv 10 years 40 weeks ago
  • Dumb but 5 stars fun game ! I highly recommend it (buy it with a bundle) #McPixel - http://t.co/49KEJf5fww 10 years 41 weeks ago
  • To play preloaded videos from #youtube #android app you have to have network until it's started. #WhatAPainInThe6ss 10 years 41 weeks ago
  • Facebook – Après l’espionnage, l’envoi de données ! C'en devient risible http://t.co/d3lQd70OXc 10 years 41 weeks ago
  • L’ARCEP publie son rapport annuel 2012 http://t.co/h8TQxPjdUd 10 years 41 weeks ago
More at Twitter...

java

java HttpClient 3.x : a portable SSL Socket Factory implementation

Submitted by nicobo on January 18, 2012 - 23:13

I was just trying to implement client and server authentication over SSL on IBM Websphere 6 (JRE 1.4.2)...

[...]

It may sound awkward in 2012, but if you wish the HTTPS server to identify your Java client (versus : only the server is identified), you will have to write your own implementation of a socket factory.

The Java Runtime Environment doesn't provide ready-to-use classes to do this. Yes : there is javax.net.ssl.SSLSocketFactory.getDefault() but it requires to set some system (therefore global) properties to point to the certificates files !!!

Even with Apache's HttpClient (at least version 3.x), you have to use a custom SSLProtocolSocketFactory.

The HttpClient SSL Guide provides sample code to implement mutual client and server authentication ; unfortunately the latest stable release of it (contrib 3.1) is bound to Sun's API with imports such as com.sun.net.ssl.KeyManagerFactory. Needless to say that this will not work on an IBM Websphere JRE...

This article contains an implementation of a SSLProtocolSocketFactory for HttpClient, to whom may be interested...

Syndicate content