On Wed, 2007-11-28 at 20:08 -0800, Raul Acevedo wrote:
> Is there a way to do client authentication with HttpClient without
> setting javax.net.ssl.keyStore?
>
> I tried the following code after building the contrib files:
>
> HttpClient httpClient = new HttpClient();
> URL keyStoreURL = new URL("file:/home/raul/keyStore.jks");
> URL trustStoreURL = new URL("file:/home/raul/trustStore.jks");
> AuthSSLProtocolSocketFactory socketFactory =
> new AuthSSLProtocolSocketFactory(
> keyStoreURL, "keyStorePassword", trustStoreURL,
> "trustStorePassword");
> Protocol httpsProtocol = new Protocol(url.getProtocol(), socketFactory,
> url.getPort());
> httpClient.getHostConfiguration().setHost(url.getHost(), url.getPort(),
> httpsProtocol);
>
> But this fails with:
>
> java.net.SocketException: Default SSL context init failed: null
>
> Thanks,
>
> Raul Acevedo
> http://www.cantara.com
>
Paul,
(1) Keystore is optional. You can safely omit it.
(2) Implement a custom trust manager that trusts anything. This way you
will not need a truststore.
(3) Implement your own protocol socket factory that initializes the SSL
context with your own trust-anything trust manager. You can use
EasySSLProtocolSocketFactory as a starting point.
Hope this helps,
Oleg
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
