Java Forum / General / September 2006

SSL Client certificate

Mike Baroukh - 21 Sep 2006 18:38 GMT
Hi.

I must connect to an SSL server using a client certificate.
Of course, if I ask you for help, it's because it didn't work.
So, here is what I did. Could somebody point me to the wrong step?
Thanks in advance ...

1/ First, I created a key :

keytool -genkey -keyalg rsa -keystore storefile -storepass storepass -alias mykey

2/ I created a certificate request

keytool -certreq -keystore storefile -storepass storepass -alias mykey -file mykey.csr

3/ I sent the generated file to the webmaster of the site I have to connect to.

4/ He sent me back a crt, which I imported

keytool -import -keystore storefile -storepass storepass -alias mykey-crt -file mykey.crt

5/ I try to connect :

System.setProperty("javax.net.ssl.trustStore","~/storefile");
System.setProperty("javax.net.ssl.keyStore","~/storefile");
System.setProperty("javax.net.ssl.keyStorePassword","mykey6");
System.setProperty("javax.net.debug", "ssl,keymanager");
   
URL u = new URL("https://<url>");
URLConnection c = u.openConnection();
InputStream i = c.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(i));
String ligne;
while ((ligne = reader.readLine()) != null) {
    System.out.println(ligne.trim());
}
i.close();

result :
java.io.IOException: Server returned HTTP response code: 403 for URL: https://<url>
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1149)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
    at x509.Elvia.main(Elvia.java:23)

I tried to separate truststore and keystore, having only the crt in
keystore but nothing works.

Am I using the right method?
I don't understand why I don't just send a public key to the
webmaster ...

Mike

EJP - 22 Sep 2006 09:14 GMT
> 5/ I try to connect :
>
> System.setProperty("javax.net.ssl.trustStore","~/storefile");
> System.setProperty("javax.net.ssl.keyStore","~/storefile");

Java doesn't understand "~".

The keypair and the signed certificate must be in the keystore. That's a
*source* of authentication certificates. The truststore is where you
check *incoming* certificates. Very different functions.

Apart from the above your process was OK.
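
The two points in the reply above, as an added example that is not code from either poster: it resolves the keystore path from `user.home` instead of "~", confirms the keystore holds a private-key entry whose certificate is no longer self-signed, and only then builds the SSL context. The class name `ClientCertCheck`, the file `storefile` in the home directory, the password `storepass` for both store and key, and passing the URL as an argument are assumptions.

```java
import java.net.URI;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public class ClientCertCheck {
    public static void main(String[] args) throws Exception {
        // Assumed location and password, taken from the keytool steps in the thread.
        // The JVM does not expand "~", so build the path from user.home.
        Path store = Paths.get(System.getProperty("user.home"), "storefile");
        char[] pass = "storepass".toCharArray(); // assumed to be the key password as well
        KeyStore ks = KeyStore.getInstance(store.toFile(), pass); // Java 9+, detects the store type

        boolean usable = false;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate[] chain = ks.getCertificateChain(alias);
            if (!ks.isKeyEntry(alias) || chain == null) {
                // A certificate without its private key can be trusted, but cannot authenticate us.
                System.out.println(alias + ": trusted certificate only");
                continue;
            }
            X509Certificate leaf = (X509Certificate) chain[0];
            boolean selfSigned = leaf.getSubjectX500Principal().equals(leaf.getIssuerX500Principal());
            System.out.println(alias + ": private key, certificate issued by "
                    + leaf.getIssuerX500Principal() + (selfSigned ? " (still self-signed)" : ""));
            usable |= !selfSigned;
        }
        if (!usable) {
            throw new IllegalStateException("no key entry with a signed certificate in " + store);
        }

        // Keystore = source of our credentials; null trust managers = JVM default truststore.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pass);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);

        if (args.length > 0) { // URL supplied by the caller; none is hard-coded
            HttpsURLConnection c = (HttpsURLConnection) URI.create(args[0]).toURL().openConnection();
            c.setSSLSocketFactory(ctx.getSocketFactory());
            System.out.println("HTTP " + c.getResponseCode());
        }
    }
}
```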

