RE: Client certificate authentication

Tue, 20 Mar 2007 06:19:49 -0800 

Hi Erwin, 
   
  Thanks for your response.
   
  Why do you have to implement the registerMyHostnameVerifier() method ?
   
  TIA
  

Erwin Reinhoud <[EMAIL PROTECTED]> wrote:
      This is what i do before making the call to the web service:
   
          String pwd =props.getProperty("clientkeystorepassword").trim();
         clientKeystoreLocation = 
props.getProperty("clientkeystorelocation").trim();
         clientkeystoreType = props.getProperty("clientkeystoretype").trim();
         String tpwd =props.getProperty("truststorepassword").trim();
         truststoreLocation = props.getProperty("truststorelocation").trim();
         truststoreType = props.getProperty("truststoretype").trim();
         System.setProperty("javax.net.ssl.keyStoreType",clientkeystoreType);
         System.setProperty("javax.net.ssl.keyStore", clientKeystoreLocation);
         System.setProperty("javax.net.ssl.keyStorePassword", pwd);      
         System.setProperty("javax.net.ssl.trustStore", truststoreLocation);
         System.setProperty("javax.net.ssl.trustStorePassword", tpwd);
         System.setProperty("javax.net.ssl.trustStoreType",truststoreType);
         System.setProperty("java.protocol.handler.pkgs",
                          "com.sun.net.ssl.internal.www.protocol");
         System.setProperty("javax.net.debug","all");
         System.setProperty("java.security.debug","all");
         Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );
   
   
  If you are using your own certs that dont have correct url you als need to 
disable this check (NOT FOR PRODUCTION):
   
   
  private void registerMyHostnameVerifier()
    {
     javax.net.ssl.HostnameVerifier myHv = new javax.net.ssl.HostnameVerifier()
     {
      public boolean verify(String hostName,javax.net.ssl.SSLSession session)
       {
       return true;
       }
     };
     HttpsURLConnection.setDefaultHostnameVerifier(myHv);
    }
   
   
  Greetings,
   
  Erwin
    -----Oor spronkelijk bericht-----
Van: Shimpa Mithal [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 20 maart 2007 5:13
Aan: [email protected]
Onderwerp: Client certificate authentication


  I am trying to authenticate my client to an AXIS web service. I have a valid 
certificate to the service ... I want to know how do I attach the certificate 
to this standalone JAVA client so that the service will recognize it.

The service is running on Tomcat. The standalone JAVA (along with the cert 
)will be distributed to specific users.
   
  Thanks
  Shimpa 
    
---------------------------------
  Don't be flakey. Get Yahoo! Mail for Mobile and 
always stay connected to friends.

 
---------------------------------
Never miss an email again!
Yahoo! Toolbar alerts you the instant new Mail arrives. Check it out.

Reply via email to