I have worked with Julius Davies (http://juliusdavies.ca/commons-ssl/), the developer of the commons-ssl solution, which he currently refers to as "not-yet-commons-ssl", to work out a very simple and reusable solution for developing a Java client for SSL-based connections. This library encapsulates all the internal SSL connection details. I am posting this for the benefit of those who are trying to develop a client without Spring.
1. First download the commons-ssl library from http://juliusdavies.ca/commons-ssl/download.html and extract the .jar file, then run the following command:

    java -jar not-yet-commons-ssl-0.3.10.jar -t localhost:443 -tm /yourPathTo/host.crt

2. Then copy the section between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- and put it in a Certificate.java file, or store it whichever way you prefer. I have provided the code below.

3. Client code:

    import org.apache.cxf.configuration.jsse.TLSClientParameters;
    import org.apache.cxf.configuration.security.FiltersType;
    import org.apache.cxf.endpoint.Client;
    import org.apache.cxf.frontend.ClientProxy;
    import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
    import org.apache.cxf.transport.http.HTTPConduit;

    // Create the JAX-WS proxy for the HTTPS endpoint.
    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
    factory.setServiceClass( HelloWorld.class );
    factory.setAddress( "https://localhost/services/HelloWorld" );
    HelloWorld port = (HelloWorld) factory.create();

    // Get the HTTP conduit behind the proxy so TLS can be configured on it.
    Client client = ClientProxy.getClient( port );
    HTTPConduit httpConduit = (HTTPConduit) client.getConduit();

    TLSClientParameters tlsParams = new TLSClientParameters();
    tlsParams.setSecureSocketProtocol("SSL");

    // Only the cipher suites listed here are offered to the server.
    FiltersType filters = new FiltersType();
    filters.getInclude().add("SSL_RSA_WITH_RC4_128_MD5");
    filters.getInclude().add("SSL_RSA_WITH_RC4_128_SHA");
    tlsParams.setCipherSuitesFilter(filters);

    tlsParams.setTrustManagers( getTrustManagers() ); // <<===== from step 4
    httpConduit.setTlsClientParameters(tlsParams);

4. getTrustManagers function:

    import javax.net.ssl.TrustManager;
    import org.apache.commons.ssl.TrustChain;
    import org.apache.commons.ssl.TrustMaterial;

    private TrustManager[] getTrustManagers()
        throws java.security.NoSuchAlgorithmException,
               java.security.KeyStoreException,
               java.io.IOException,
               java.security.GeneralSecurityException
    {
        // <<===== comes from your Certificate.java file, where you would
        //         store the cert content from step 2.
        byte[] pemCert = Certificates.pemCert_localhost;

        TrustChain tc = new TrustChain();
        tc.addTrustMaterial( new TrustMaterial( pemCert ) ); // the server's own certificate
        tc.addTrustMaterial( TrustMaterial.CACERTS );        // plus the JDK's default CA certificates
        return ( TrustManager[] )tc.getTrustManagers();
    }
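An added example, not part of the original post or of commons-ssl: the same pinning of the step 2 certificate built with only the JDK (CertificateFactory, KeyStore, TrustManagerFactory), followed by a handshake check that prints the negotiated protocol and cipher suite. Unlike step 4 it does not also trust the JDK's cacerts, and it asks for TLSv1.2/1.3 rather than the RC4 suites of step 3, which RFC 7465 prohibits and current JDKs disable by default. Assumptions: Java 11 or later, the class and method names are made up here, and /yourPathTo/host.crt holds the PEM certificate saved in step 1.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class for illustration; not part of CXF or commons-ssl.
public class PinnedTrustCheck {

    // Build trust managers that accept only the certificate(s) in the PEM file.
    static TrustManager[] trustManagersFromPem(String pemPath) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null); // start from an empty in-memory store
        try (InputStream in = Files.newInputStream(Paths.get(pemPath))) {
            int i = 0;
            for (Certificate c : CertificateFactory.getInstance("X.509").generateCertificates(in)) {
                ks.setCertificateEntry("pinned-" + i++, c);
            }
            if (i == 0) throw new IllegalArgumentException("no certificate found in " + pemPath);
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        return tmf.getTrustManagers();
    }

    public static void main(String[] args) throws Exception {
        String pem = args.length > 0 ? args[0] : "/yourPathTo/host.crt"; // file written in step 1
        String host = args.length > 1 ? args[1] : "localhost";
        int port = args.length > 2 ? Integer.parseInt(args[2]) : 443;

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustManagersFromPem(pem), null);

        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port)) {
            SSLParameters p = s.getSSLParameters();
            p.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
            p.setEndpointIdentificationAlgorithm("HTTPS"); // also match the host name to the cert
            s.setSSLParameters(p);
            s.startHandshake(); // fails if the chain does not validate against the pinned cert
            System.out.println(s.getSession().getProtocol() + " " + s.getSession().getCipherSuite());
        }
    }
}
```

The array returned by trustManagersFromPem can be passed to tlsParams.setTrustManagers(...) in place of getTrustManagers() from step 4.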
