Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
Client Certificate Authentication Example
How to write a SSL client program that use a client certificate? The SSL is asking for client certificate authentication.
✍: FYIcenter
When an SSL server program is asking for client certificate authentication, it is usually coded as the following:
serverSocket.setNeedClientAuth(true);
In the SSL client program, you need to follow these steps to provide the client certificate:
1. Load the keystore file that contains the client certificate. Remember to specify the keystore password as shown below:
ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("client.jks"), "fyicenter".toCharArray());
2. Create an KeyManagerFactory instance and initialize it with the keystore.
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "fyicenter".toCharArray());
3. Create an SSLContext instance and initialize it with Key Managers:
SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null);
4. Create an SSLServerSocket instance and set it to listen mode to accept incoming client requests:
SSLServerSocketFactory ssf = ctx.getServerSocketFactory(); SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port); SSLSocket socket = (SSLSocket) ss.accept();
Here is the entire sample program code that takes a client certificate key store file and communicates to a SSL server that asks for client certificate:
// Copyright (c) FYIcenter.com import java.net.*; import java.io.*; import javax.net.ssl.*; import java.security.KeyStore; public class SslClientCertificateCmd { public static void main(String[] args) throws Exception { String host = "www.oracle.com"; int port = 443; String url = "http://www.oracle.com/index.html"; if (args.length < 3) { System.out.println("USAGE: java SslClientCmd host port url"); System.exit(-1); } host = args[0]; port = Integer.parseInt(args[1]); url = args[2]; KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("client.jks"), "fyicenter".toCharArray()); System.out.println(ks.getCertificate("client")); KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "fyicenter".toCharArray()); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null); SSLSocketFactory factory = factory = ctx.getSocketFactory(); SSLSocket socket = (SSLSocket)factory.createSocket(host, port); socket.startHandshake(); PrintWriter out = new PrintWriter(new BufferedWriter( new OutputStreamWriter(socket.getOutputStream()))); out.println("GET "+url+" HTTP/1.1"); out.println(); out.flush(); BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); String line = in.readLine(); while (line.length()>0) { System.out.println(line); line = in.readLine(); } in.close(); out.close(); socket.close(); } }d
⇒ Key Manager Not Sending Client Certificate
⇐ Create SSL Client Certificate with "keytool"
2018-06-12, 1467🔥, 0💬
Popular Posts:
What Is log4j-1.2.15.jar? I got the JAR file from apache-log4j-1.2.15.zip. log4j-1.2.15.jar is the v...
commons-collections4-4.4 -sources.jaris the source JAR file for Apache Commons Collections 4.2, whic...
JDOM provides a solution for using XML from Java that is as simple as Java itself. There is no compe...
How to merge two JAR files with "jar" commands? I am tired of specifying multiple JAR files in the c...
The Web Services Description Language for Java Toolkit (WSDL4J), Release 1.6.2, allows the creation,...