
Canadian Mind Products, Roedy Green.
http://mindprod.com Java custom programming, consulting and coaching.
Roedy Green <my_email_is_posted_on_my_website@munged.invalid> said:
>>Create the client as usual ( just like a regular http connection ) and
>>run this client with parameters :
[quoted text clipped - 5 lines]
>Is this the way you set up a server or client? I thought you did not
>need any sort of cert to be the client.
The client needs to have CA certificates to verify the authenticity of
the server certificate - thus the trustStore. Similarly regular browsers
have quite a pile of preinstalled CA certificates; otherwise there would
be no protection against site spoofing; there would only be protection
against traffic eavesdropping.

Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
Roedy Green - 10 Apr 2006 23:20 GMT
On Mon, 10 Apr 2006 18:43:27 +0000 (UTC), Juha Laiho
<Juha.Laiho@iki.fi> wrote, quoted or indirectly quoted someone who
said :
>The client needs to have CA certificates to verify the authenticity of
>the server certificate - thus the trustStore. Similarly regular browsers
>have quite a pile of preinstalled CA certificates; otherwise there would
>be no protection against site spoofing; there would only be protection
>against traffic eavesdropping.
Slightly off topic, but I downloaded Opera 8.54 and it seems finally
to have its SSL act together, at least enough to work with my credit
union finally.

snip
>>Create the client as usual ( just like a regular http connection ) and
>>run this client with parameters :
[quoted text clipped - 5 lines]
> Is this the way you set up a server or client? I thought you did not
> need any sort of cert to be the client.
If the HTTPS server's key was signed using a valid certificate authority
(i.e. from Verisign, Thawte or whatever comes with Java) then the client
does not need anything.
Juha Laiho - 12 Apr 2006 20:55 GMT
Missaka Wijekoon <nntp@wijekoon.com> said:
>snip
>>>Create the client as usual ( just like a regular http connection ) and
[quoted text clipped - 9 lines]
>(i.e. from Verisign, Thawte or whatever comes with Java) then the client
>does not need anything.
... no; the client still needs the corresponding CA certificates.
However, a number of these are provided with the Java environment;
f.ex. the cacerts file provided with 1.5.0_06 distribution appears to
contain 33 CA certificate entries. If you remove those, not even
Verisign or Thawte certificates work.

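The point made in the last reply, as an added example that is not code from any poster in this thread: a Java client validates server certificates against the CA entries in its trust store, and with an empty store it has nothing to validate against. The class name `TrustAnchorCheck` and its helper methods are hypothetical, and one of the JVM's own bundled CA certificates is used as a constructed one-element test chain so the check runs offline.

```java
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class TrustAnchorCheck {

    // Build the X.509 trust manager a TLS client would use for this store.
    // A null store selects the JVM default: the file named by
    // javax.net.ssl.trustStore if set, otherwise the bundled cacerts.
    static X509TrustManager trustManagerFor(KeyStore store) throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                return (X509TrustManager) tm;
            }
        }
        throw new IllegalStateException("no X509TrustManager available");
    }

    // True if the trust manager accepts the chain as a server certificate chain.
    static boolean accepts(X509TrustManager tm, X509Certificate[] chain) {
        try {
            tm.checkServerTrusted(chain, "RSA");
            return true;
        } catch (Exception e) {   // CertificateException or a wrapped PKIX error
            System.out.println("  rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        X509TrustManager defaults = trustManagerFor(null);
        X509Certificate[] cas = defaults.getAcceptedIssuers();
        System.out.println("CA certificates in the default trust store: " + cas.length);
        if (cas.length == 0) return;   // nothing to test against

        // Client with an initialised but empty trust store (all CA entries removed).
        KeyStore empty = KeyStore.getInstance(KeyStore.getDefaultType());
        empty.load(null, null);
        X509TrustManager bare = trustManagerFor(empty);

        // Constructed test chain: one of the bundled CA certificates on its own.
        X509Certificate[] chain = { cas[0] };
        System.out.println("Subject: " + chain[0].getSubjectX500Principal().getName());
        System.out.println("default store accepts: " + accepts(defaults, chain));
        System.out.println("empty store accepts:   " + accepts(bare, chain));
    }
}
```

Running it with `-Djavax.net.ssl.trustStore=<path>` shows the same comparison for a custom trust store instead of the bundled `cacerts`.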