accessing secure web site using digital certs
Hello,
I am trying to communicate with a secure remote server and download data, and I am having trouble. The log from the remote server says "client passed no certificate". However, I have a valid digital certificate from this site. The certificate works fine in Netscape. I have exported the p12 file and imported the certificate into a trustStore using keytool. I also imported the other 3 certs necessary to complete the cert chain so that I have a complete chain of trusted certs in the trustStore file.
When I run my java client app I receive a "403 Forbidden" message. If I run the client in debug mode I see that it looks like a negotiation is occurring between the remote server and my client app.
My code is shown below; the program was pieced together from various code from the web. At this point I want to get a jsessionid from the remote server. This code returns a jsessionid when I use "https://www.sun.com" as a test site.
Anyone know why the remote server does not receive the cert info?
Thanks in advance.
usage: java httpsclient2 https://www.sun.com ""
import java.net.*;
import javax.net.*;
import javax.net.ssl.*;
import java.io.*;
import java.util.Properties;
public class HttpsClient2 {
String httpserver;
String jsppage;
public HttpsClient2(String server, String jspage) {
httpserver = server;
jsppage = jspage;
}
public void HttpsConnect() {
try {
// Let us create the factory where we can set some parameters for the connection
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, null, new java.security.SecureRandom());
String path = httpserver;
if (jsppage != null)
{
path = httpserver + "/" + jsppage;
}
// Create the socket connection and open it to the secure remote web server
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL(path);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String rserver, SSLSession sses) {
if (!rserver.equals(sses.getPeerHost())){
System.out.println( "certificate <" + sses.getPeerHost() + "> does not match host <" + rserver + "> but " + "continuing anyway" );
}
return true;
}
});
System.out.println(connection.getURL());
System.out.println(connection.getHeaderFields());
} catch (java.security.NoSuchAlgorithmException nsae) {
System.err.println("\n" + "The context specified does not exist. Check for the existence of JSSE" + "\n");
System.exit(-1);
} catch (java.security.KeyManagementException kme) {
kme.printStackTrace();
System.exit(-1);
} catch (java.net.MalformedURLException mue) {
System.err.println("\n" + "URL is not exist or protocol does not exist or there is a typo in the submitted URL" + "\n");
System.exit(-1);
} catch (java.net.UnknownHostException uhe) {
System.err.println("\n" + "Remote server does not exist in DNS." + "\n");
System.exit(-1);
} catch (java.io.IOException ioe) {
System.err.println("\n" + "I/O Exception in the connection try again or contact developer." + "\n");
ioe.printStackTrace();
System.exit(-1);
}
}
public static void main(String args[]) throws Exception {
if (args.length >= 1) {
new HttpsClient2(args[0],args[1]).HttpsConnect();
} else {
String mesg = "\n" + "You must supply an argument as follows:" + "\n" + "\n";
mesg += "\t" + "java HttpsClient https://mail.yahoo.com/" + "\n";
mesg += "\t" + "java HttpsClient https://secure.server.com:7001/" + "\n";
System.out.println(mesg);
System.exit(-1);
}
}
}
