Programmatically specify client cert as part of web service call

Thread view:

Tom - 01 Jan 2004 20:41 GMT

I have several client certs in my certstore/cacert files and would
like to programmatically specify which should be included in a WS
call. I would like to do this independent of the server requiring
SSL.

This is possible in .NET using the ClientCertificates collection of
the SoapHttpClientProtocol class. I haven't found the java
equivalent.

Reply to this Message

Tom - 11 Jan 2004 08:11 GMT

> I have several client certs in my certstore/cacert files and would
> like to programmatically specify which should be included in a WS
[quoted text clipped - 4 lines]
> the SoapHttpClientProtocol class. I haven't found the java
> equivalent.

Ok, forget about selecting a specific cert to use; I can't even a
single cert to work. Here's what I have so far:

<codeSnippet>
TrustManager[] trustManagers = <uses .pks file>
KeyManager[] keyManagers = <used .p12 file>

try
{
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(keyManagers, trustManagers, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
catch (Exception ex) { ... }
</codeSnippet>

I have confirmed that the TrustManager is using the certs in the .pks
for the SSL handshake. However, no local cert is being sent.

Reply to this Message

Michael Amling - 11 Jan 2004 13:31 GMT

>>I have several client certs in my certstore/cacert files and would
>>like to programmatically specify which should be included in a WS
[quoted text clipped - 11 lines]
> TrustManager[] trustManagers = <uses .pks file>
> KeyManager[] keyManagers = <used .p12 file>

"used"? or "uses"?

>
> try
[quoted text clipped - 8 lines]
> I have confirmed that the TrustManager is using the certs in the .pks
> for the SSL handshake. However, no local cert is being sent.

--Mike Amling

Reply to this Message

Programmatically specify client cert as part of web service call

Free Magazines