accepting server certificate
Hi, sorry if this is double topic.
I need example of next thing.
I am using jakarta-httpclient-3.0 to communicate with server over https. (required by client).
What i need is to authenticate server with its certificate. This is used in application deployed on jboss(for inf, if there are differences).
I am curious in next:
1. when i send request to server, how do i get its certificate? i do not know format of certificate, nor is it trusted or self signed, but i now i must accept it with first request since i do not have it.
2. If and when i accept certificate how and where i can store it? i know there is way, but i haven't found example of this.
3. when certificate is stored, how do i read it from its storage on next request?
All of this must be programmed, without using keytool from command line, cause i do not know which certificate server exactly use.
Thanks in advance.
PS: would be great if example is provided. it would help a lot.
Message was edited by:
EnterSB
[1060 byte] By [
EnterSBa] at [2007-11-26 14:48:30]
# 1
Hi :
These are the following points whch might prove useful to you
1--> Download the certificate of the site which you want to access through your programme, by actually visiting the same through IE.
2--> Download the certificate in a file format (save to disk)
3--> Install the certifiacte in the JVM which your server uses on which ur application is deployed in ur case JBOSS.
4--> Once the certifiacte is properly installed on your server. Send the requests through authentication process either by post method or get method.
5--> see whether you get a response.
6-->these are the bare minimum steps which you will have to follow
Avadhoot Sawant
# 2
Tnx, but that is not what i want. I wish to take that certifikate without importing cert file to JVM with keytool.
I think this can be done, but i do not have enough time to find a way.
I solve in some way by creating my own SSLSocketFactory and within it getSSLContext method which is initialized by custom TrustManager.
This way i have SSL connection, but i do not know how to authenticate server or save certificate to JVM.
I think that client uses certificate for authentication on its own, but it is downloading it everytime it connects to server, which is not best solution.
Message was edited by:
EnterSB
Message was edited by:
EnterSB
