Hi All,
I'm trying to implement a Https Asynchronous server. I am using the example
- Asynchronous HTTP server.
It is not a requirement that I implement certificate validation, I just need
to be able to accept files on port 443.
Do I need to still provide the following code?
ClassLoader cl = NHttpServer.class.getClassLoader();
URL url = cl.getResource("my.keystore");
if (url == null) {
System.out.println("Keystore not found");
System.exit(1);
}
KeyStore keystore = KeyStore.getInstance("jks");
keystore.load(url.openStream(), "secret".toCharArray());
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
kmfactory.init(keystore, "secret".toCharArray());
KeyManager[] keymanagers = kmfactory.getKeyManagers();
If I initialise my SSLContext without using the keymanagers, I am not able
to connect using curl.
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, null, null);
connFactory = new SSLNHttpServerConnectionFactory(sslcontext,
null, ConnectionConfig.DEFAULT);
[root@localhost ~]# curl -v -i -k https://<ip>:443/getStatus
* About to connect() to <ip> port 443 (#0)
* Trying <ip>... connected
* Connected to <ip> (<ip>) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* NSS error -5938
* Closing connection #0
* SSL connect error
What is the best way to do this?
Thanks, Jax.
--
View this message in context:
http://httpcomponents.10934.n7.nabble.com/Https-server-tp23868.html
Sent from the HttpClient-User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
