Multiple client authentication certificates

Our application interfaces with several vendors using HTTPS. One vendor issued us a certificate to authenticate us and we have successfully implemented the interface by setting the keyStore, keyStoreType and keyStorePassword System properties to use the pkcs12 file. How do you handle a situation when you have two different interfaces that each require a client certificate? Changing the System properties online to use different keystore values is not thread safe. What is the best way to handle this?

Thanks,

Steve

[536 byte] By [scole250a] at [2007-10-3 2:34:20]

«« static, field, variable
»» Binary I/O: Changing a String inside a Binary File

# 1

This is where you have to get into the nightmare of using two SSLContexts, or a smart KeystoreManager. Have a good look at http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html

ejpa at 2007-7-14 19:33:19 >

top of Java-index,Security,Other Security APIs, Tools, and Issues...

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Multiple client authentication certificates

Security New Topic

Security Hot Topic

Security

All Classified