Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
Client Certificate Authentication Example
How to write a SSL client program that use a client certificate? The SSL is asking for client certificate authentication.
✍: FYIcenter
When an SSL server program is asking for client certificate authentication, it is usually coded as the following:
serverSocket.setNeedClientAuth(true);
In the SSL client program, you need to follow these steps to provide the client certificate:
1. Load the keystore file that contains the client certificate. Remember to specify the keystore password as shown below:
ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("client.jks"), "fyicenter".toCharArray());
2. Create an KeyManagerFactory instance and initialize it with the keystore.
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "fyicenter".toCharArray());
3. Create an SSLContext instance and initialize it with Key Managers:
SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null);
4. Create an SSLServerSocket instance and set it to listen mode to accept incoming client requests:
SSLServerSocketFactory ssf = ctx.getServerSocketFactory(); SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port); SSLSocket socket = (SSLSocket) ss.accept();
Here is the entire sample program code that takes a client certificate key store file and communicates to a SSL server that asks for client certificate:
// Copyright (c) FYIcenter.com import java.net.*; import java.io.*; import javax.net.ssl.*; import java.security.KeyStore; public class SslClientCertificateCmd { public static void main(String[] args) throws Exception { String host = "www.oracle.com"; int port = 443; String url = "http://www.oracle.com/index.html"; if (args.length < 3) { System.out.println("USAGE: java SslClientCmd host port url"); System.exit(-1); } host = args[0]; port = Integer.parseInt(args[1]); url = args[2]; KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("client.jks"), "fyicenter".toCharArray()); System.out.println(ks.getCertificate("client")); KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "fyicenter".toCharArray()); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null); SSLSocketFactory factory = factory = ctx.getSocketFactory(); SSLSocket socket = (SSLSocket)factory.createSocket(host, port); socket.startHandshake(); PrintWriter out = new PrintWriter(new BufferedWriter( new OutputStreamWriter(socket.getOutputStream()))); out.println("GET "+url+" HTTP/1.1"); out.println(); out.flush(); BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); String line = in.readLine(); while (line.length()>0) { System.out.println(line); line = in.readLine(); } in.close(); out.close(); socket.close(); } }d
⇒ Key Manager Not Sending Client Certificate
⇐ Create SSL Client Certificate with "keytool"
2018-06-12, 1339🔥, 0💬
Popular Posts:
Old version of xml-apis.jar. JAR File Size and Download Location: File name: xmlParserAPIs.jar File ...
JDK 6 tools.jar is the JAR file for JDK 6 tools. It contains Java classes to support different JDK t...
ASM is an all purpose Java bytecode manipulation and analysis framework. It can be used to modify ex...
What Is jaxb-impl-2.1.12.jar? Java Architecture for XML Binding (JAXB) is a Java API that allows Jav...
What JAR files are required to run dom\Counter.java provided in the Apache Xerces package? You can f...