Negotiate certificates from my servlet?
Hi
I need to know how I can send to a server a client certificate.
I磎 trying to access an API of Telefonica (in which I have to send an xml file and telefonica server response with another xml file), I can do it via web with Internet Explorer in which I have installed a certificate (it磗 a verisign certificate associates to my mail address). However, I have to do from a servlet, not do it directley from my web browser and I don磘 know how I can sen this certificate:
I have this code:
//Send xml request to Telefonica API
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider
());
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
URL url = new URL("https://195.235.160.165/GPP/WLServer?gpprequest");
HttpURLConnection conn = (HttpURLConnection)
url.openConnection();
conn.setDoOutput(true);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-type", "application/xml");
String gpprequest =
("<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
"<GPPR>" +
"<FUNCION type=\"INSERT\">createGroupS</FUNCION>"+
"<AUTENTIFICATION>"+
"<CLIENT>"+client+"</CLIENT>"+
"<CLI_PASSWD>"+cli_passwd+"</CLI_PASSWD>"+
"<USER_lOGIN>"+user_login+"</USER_lOGIN>"+
"<USER_PASSWD>"+user_passwd+"</USER_PASSWD>"+
"</AUTENTIFICATION>"+
"<PARAMETERS identype=\"MSISDN\">"+
"<ATRIBUTE name=\"GROUP\" param=\"Y\">"+
"<OBJECT>"+
"<CLASS>GROUP</CLASS>"+
"<CONTENTS>"+
"<ATRIBUTE name=\"PARENTGROUPID\">"+
"<INT val=\"0\"/>"+
"</ATRIBUTE>"+
"<ATRIBUTE name=\"USERID\">"+
"<STRING val=\"666\"/>"+
"</ATRIBUTE>"+
"<ATRIBUTE name=\"NAME\">"+
"<STRING val=\""+group_name+"\"/>"+
"</ATRIBUTE>"+
"</CONTENTS>"+
"</OBJECT>"+
"</ATRIBUTE>"+
"</PARAMETERS>"+
"</GPPR>");
//Esto no me queda claro, hay que especificar la variable
gpprequest con
//la petici髇 deseada en formato XML (Creo que el fallo puede
venir de aqu?
conn.setRequestProperty("gpprequest", gpprequest);
OutputStream out = conn.getOutputStream();
out.write(gpprequest.getBytes());
out.flush();
out.close();
BufferedReader in = new BufferedReader(
new InputStreamReader(
conn.getInputStream()));
String inputLine;
String fichero_in = "";
while ((inputLine = in.readLine()) != null){
if(inputLine.length()!=0){
if(inputLine.substring(0,5).equals("<?xml")){
fichero_in = inputLine;
}
}
}
in.close();
//Sets the Content-Type header
response.setContentType("application/xml; charset=utf-8");
//Creates a writer with the encoding parameter as "UTF-8"
Writer out_ = new OutputStreamWriter(response.getOutputStream
(),
"UTF-8");
//Sends the response XML to the client
//out_.write(gpprequest); //--> Con esto me muestra en
pantlla
la petic髇 que le env韔 a telef髇ica
out_.write(fichero_in);
out_.flush();
response.sendRedirect(response.encodeRedirectURL("out_"));
****************************************************************************
*******************
private static void trustAllHttpsCertificates() throws Exception
{
// Create a trust manager that does not validate certificate
chains:
javax.net.ssl.TrustManager[] trustAllCerts =
new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext sc =
javax.net.ssl.SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
sc.getSocketFactory());
}
public static class miTM implements javax.net.ssl.TrustManager,
javax.net.ssl.X509TrustManager
{
public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
return null;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] certs)
{
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] certs)
{
return true;
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String
authType)
throws java.security.cert.CertificateException
{
return;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String
authType)
throws java.security.cert.CertificateException
{
return;
}
}
**********************************
Error:
[ProvisioningServlet] Exception getting and processing route:
java.io.IOException: HTTPS hostname wrong: should be <195.235.160.165>
:
com.deimos.dat.servlet.ProvisioningServlet.processRequest(ProvisioningServle
t.java:218)
Thanks,
Sorry for my bad English
