On Wed, 2007-11-28 at 20:08 -0800, Raul Acevedo wrote: > Is there a way to do client authentication with HttpClient without > setting javax.net.ssl.keyStore? > > I tried the following code after building the contrib files: > > HttpClient httpClient = new HttpClient(); > URL keyStoreURL = new URL("file:/home/raul/keyStore.jks"); > URL trustStoreURL = new URL("file:/home/raul/trustStore.jks"); > AuthSSLProtocolSocketFactory socketFactory = > new AuthSSLProtocolSocketFactory( > keyStoreURL, "keyStorePassword", trustStoreURL, > "trustStorePassword"); > Protocol httpsProtocol = new Protocol(url.getProtocol(), socketFactory, > url.getPort()); > httpClient.getHostConfiguration().setHost(url.getHost(), url.getPort(), > httpsProtocol); > > But this fails with: > > java.net.SocketException: Default SSL context init failed: null > > Thanks, > > Raul Acevedo > http://www.cantara.com >
Paul, (1) Keystore is optional. You can safely omit it. (2) Implement a custom trust manager that trusts anything. This way you will not need a truststore. (3) Implement your own protocol socket factory that initializes the SSL context with your own trust-anything trust manager. You can use EasySSLProtocolSocketFactory as a starting point. Hope this helps, Oleg > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]