Thanks very much! cheers, md
> -----Original Message----- > From: Todd Allen [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 11, 2007 10:14 AM > To: [email protected]; [email protected] > Subject: RE: issues with https? > > > There is a way to trust any CA in the Java client code. See below. > > First, create inner class: > > /* > * TrustManager inner class to allow access to all web sites > */ > public class TrustingManager implements > javax.net.ssl.X509TrustManager > { > > public java.security.cert.X509Certificate[] > getAcceptedIssuers() > { > return null; > } > > public void > checkClientTrusted(java.security.cert.X509Certificate[] c, > String authType) throws CertificateException > { > // do nothing, accept by default > } > > public void > checkServerTrusted(java.security.cert.X509Certificate[] c, > String authType) throws CertificateException > { > // do nothing, accept by default > } > } // TrustingManager inner class > > Then call method to disable SSL checking: > > private void disableSSLChecking() throws IOException { > > // Inspired by John Cho > try { > javax.net.ssl.TrustManager[] trusty = new > javax.net.ssl.TrustManager[] { new TrustingManager() }; > > javax.net.ssl.SSLContext sc = > javax.net.ssl.SSLContext.getInstance("SSL"); > > sc.init(null, trusty, new java.security.SecureRandom()); > SSLSocketFactory sslFactory = (SSLSocketFactory) > sc.getSocketFactory(); > > HttpsURLConnection.setDefaultSSLSocketFactory(sslFactory); > } > catch (Exception e) { > throw (new IOException("SSLFactory: " + e.getMessage())); > } > } // disableSSLChecking() > > I hope that helps. Try that and let me know if it works for you. > > T > > > At 09:27 AM 7/11/2007, [EMAIL PROTECTED] wrote: > >Thanks! > > > >In our case, I can be certain that it will not be a well known > >certificate. Is there any way to enable the connection without > >having a keystore in the file system, for example having the > >certificate bytes available in a class or something? > > > >The issue is this: the organization hosting the client application > >doesn't allow me access to their server, and coordinating with them > >to set up a keystore and a system property is problematic. > > > >cheers, > >md > > > > > > > -----Original Message----- > > > From: Dimuthu [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, July 11, 2007 12:48 AM > > > To: [email protected] > > > Subject: Re: issues with https? > > > > > > > > > Hi, > > > > > > When you give the HTTPS url and it should work. > > > > > > If it is doesn't work, most probably it is not a well known root > > > certificate. In this case add the following properties to the > > > System in > > > client code. > > > System.setProperty("javax.net.ssl.trustStore","path to keystore" ) > > > System.setProperty("javax.net.ssl.trustStorePassword","apache") > > > > > > > > > Cheers, > > > Dimuthu > > > > > > On Tue, 2007-07-10 at 14:38 -0400, > [EMAIL PROTECTED] > > > wrote: > > > > Hi, > > > > > > > > If I deploy a service using https, then is there anything > > > special I need to do on the client side, or does the built-in > > > http library take care of the certificate stuff? > > > > > > > > thanks > > > > Michael Davis > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
