Hi Tharindu,

Here is a code example of using a custom SSL context. [1]

[1]
https://github.com/wso2-dev/carbon-platform-integration/blob/master/test-automation-framework/org.wso2.carbon.automation.test.utils/src/main/java/org/wso2/carbon/automation/test/utils/generic/MutualSSLClient.java

On Thu, Oct 23, 2014 at 9:39 AM, Johann Nallathamby <joh...@wso2.com> wrote:

> You should be able to use SSLSocketFactory API to create a custom SSL
> context.
>
> However you need to think about where you are going to store the key store
> and trust store. For your requirement, it should default to the carbon key
> store and trust store in IS by default. Only if someone wants to they can
> override it with their own configuration.
>
> Basically you need to provide a callback to get this information. Default
> callback should populate it using carbon server key store.
>
> Thanks,
> Johann.
>
> On Wed, Oct 22, 2014 at 12:47 PM, Tharindu Edirisinghe <tharin...@wso2.com> wrote:
>
>> Hi,
>>
>> I have a webapp that calls an admin service of IS through mutual ssl
>> authentication. The call is done using the HttpClient. For that I am
>> setting the keystore and truststore details of the client at runtime like
>> below.
>>
>>             System.setProperty("javax.net.ssl.keyStore", CLIENT_KEY_STORE_PATH);
>>             System.setProperty("javax.net.ssl.trustStore", CLIENT_TRUST_STORE_PATH);
>>             System.setProperty("javax.net.ssl.keyStorePassword", CLIENT_KEY_STORE_PASSWORD);
>>             System.setProperty("javax.net.ssl.trustStorePassword", CLIENT_TRUST_STORE_PASSWORD);
>>
>>             SSLContext context = SSLContexts.createSystemDefault();
>>             HttpClientBuilder builder = HttpClientBuilder.create();
>>
>>             Registry<ConnectionSocketFactory> registry = RegistryBuilder
>>                                 .<ConnectionSocketFactory>create()
>>                                 .register("https", new SSLConnectionSocketFactory(context))
>>                                 .build();
>>
>>             HttpClientConnectionManager ccm = new BasicHttpClientConnectionManager(registry);
>>
>>             builder.setConnectionManager(ccm);
>>             HttpClient client = builder.build();
>>
>> Now I want to get rid of the code that sets the ssl system properties at
>> runtime. Here it is assumed that those properties are already set.
>>
>> But System.getProperty("javax.net.ssl.keyStore") and
>> System.getProperty("javax.net.ssl.keyStorePassword") return null at runtime
>> and therefore the client cannot call the service properly.
>>
>> It seems those two properties get overwritten at runtime. TrustStore
>> properties are not overwritten and they remain with the same values set
>> previously.
>>
>> Any suggestions for setting the keyStore properties correctly (outside
>> the webapp) ?
>>
>> --
>>
>> Tharindu Edirisinghe
>> Software Engineer | WSO2 Inc
>> Identity Server Team
>> mobile : +94 775 181586
>>
>> _______________________________________________
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Associate Technical Lead & Product Lead of WSO2 Identity Server
> Integration Technologies Team
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+94777776950*
> Blog - http://nallaa.wordpress.com
>


-- 
Waruna Perera
Senior Software Engineer - Test Automation
Mobile: +94 77 3867037
WSO2, Inc.; http://wso2.com/
lean . enterprise . middleware.
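
The approach discussed in this thread, as an added example that is not code from the thread or from the linked MutualSSLClient class: a client-private SSLContext built from explicit key and trust stores, so the mutual SSL client does not depend on the JVM-wide javax.net.ssl.* system properties that other code can overwrite. The class name, the command-line arguments, the JKS store type and the key password being the same as the key store password are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;

public class MutualTlsClientFactory {   // hypothetical class name

    // Load a JKS store from disk (store type is an assumption).
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            store.load(in, password);
        }
        return store;
    }

    // Build an SSLContext owned by this client only. No javax.net.ssl.* system
    // property is read or written, so nothing else in the JVM can reset it.
    static SSLContext buildContext(KeyStore keys, char[] keyPassword, KeyStore trust) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keys, keyPassword);   // client certificate and private key
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);               // certificates trusted for the server side
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context;
    }

    // This constructor keeps HttpClient's hostname verification switched on.
    static CloseableHttpClient buildClient(SSLContext context) {
        return HttpClients.custom()
                .setSSLSocketFactory(new SSLConnectionSocketFactory(context))
                .build();
    }

    // Arguments (assumed): keyStorePath keyStorePassword trustStorePath trustStorePassword
    public static void main(String[] args) throws Exception {
        KeyStore keys = load(args[0], args[1].toCharArray());
        KeyStore trust = load(args[2], args[3].toCharArray());
        try (CloseableHttpClient client = buildClient(buildContext(keys, args[1].toCharArray(), trust))) {
            System.out.println("Mutual SSL client ready: " + client);
        }
    }
}
```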