Exchange of certificate between Server and Client
Hi, I am working on an application that requires Server and Client to communicate using SSL. I have managed to get the codes to create the link. Now I have one problem. As both the Server and Clients requires each other's certificate for authentication, how can I have the application to automatically send/receive the certificates and add it to their own respective keystore? without the intervention of a human.
[421 byte] By [
hayamia] at [2007-11-27 4:19:27]
# 2
i had seen that article earlier already and noticed bout this para.
Updating the keyStore Dynamically
You can enhance MyX509TrustManager to handle dynamic keystore updates. When a checkClientTrusted or checkServerTrusted test fails and does not establish a trusted certificate chain, you can add the required trusted certificate to the keystore. You need to create a new sunX509TrustManager from the TrustManagerFactory initialized with the updated keystore. When you establish a new connection (using the previously initialized SSLContext), the newly added certificate will be called to make the trust decisions.
but nothing much is said unless i had misunderstood it. also, it is mentioned that the updating can be done using the customized trustmanager, so is the dynamic update applicable to the default trustmanager?
also, is the dynamic update activated already or i need to add codes to activate it?
