Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / January 2006

Tip: Looking for answers? Try searching our database.

Using multiple trust stores for https

Thread view: 
Enable EMail AlertsStart New Thread
Jon Skeet - 26 Jan 2006 09:27 GMT
Hi folks - long time no post.

I'm back in Java-land at the moment, and trying to sort out an SSL
problem. I need to open an https connection using a specific trust
store, but I *don't* want to use the system property of
javax.net.ssl.trustStore, as this shouldn't be an application-wide
setting. I've been poring over the docs for SSLSocketFactory etc but
I'm blowed if I can see what I should be doing.

Everything I've found using Google seems to refer to setting the system
property, apart from one post from November 2000 asking a similar
question and getting no replies.

Any suggestions?

Jon Skeet
Reply to this Message
Arnaud B. - 26 Jan 2006 12:41 GMT
Hi,

Maybe you could search for the apache tomcat implementation :

org.apache.catalina.net.SSLServerSocketFactory

This one seems to have methods to specify KeyStore stuff.

Hope it helps.

Regards,

Arnaud

> Hi folks - long time no post.
>
[quoted text clipped - 12 lines]
>
> Jon Skeet
Reply to this Message
Jon Skeet - 26 Jan 2006 13:19 GMT
> Maybe you could search for the apache tomcat implementation :
>
> org.apache.catalina.net.SSLServerSocketFactory
>
> This one seems to have methods to specify KeyStore stuff.

It's more a case of working where to plug things in. However, I believe
I'm now making progress. I'm using this within the context of Hessian,
and I *think* I've just got to create an SSLContext (which is what I'm
working on now) and then after URL.openConnection has been called, set
the SSLServerSocketFactory on the HttpsURLConnection to be one returned
by the context. I'll have a look at the Tomcat implementation if I run
into trouble though, thanks.

Jon
Reply to this Message
Jon Skeet - 26 Jan 2006 14:35 GMT
> It's more a case of working where to plug things in. However, I believe
> I'm now making progress. I'm using this within the context of Hessian,
> and I *think* I've just got to create an SSLContext (which is what I'm
> working on now) and then after URL.openConnection has been called, set
> the SSLServerSocketFactory on the HttpsURLConnection to be one returned
> by the context.

Just to confirm - I've now done this, and it works fine. You can set up
the context once, cache the SSLSocketFactory returned by
getSocketFactory, set that as the socket factory for an
HttpsURLConnection, and everything is fine.

Jon
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.