Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
Client Certificate Authentication Example
How to write a SSL client program that use a client certificate? The SSL is asking for client certificate authentication.
✍: FYIcenter
When an SSL server program is asking for client certificate authentication,
it is usually coded as the following:
serverSocket.setNeedClientAuth(true);
In the SSL client program, you need to follow these steps to provide the client certificate:
1. Load the keystore file that contains the client certificate. Remember to specify the keystore password as shown below:
ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("client.jks"), "fyicenter".toCharArray());
2. Create an KeyManagerFactory instance and initialize it with the keystore.
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "fyicenter".toCharArray());
3. Create an SSLContext instance and initialize it with Key Managers:
SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null);
4. Create an SSLServerSocket instance and set it to listen mode to accept incoming client requests:
SSLServerSocketFactory ssf = ctx.getServerSocketFactory(); SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port); SSLSocket socket = (SSLSocket) ss.accept();
Here is the entire sample program code that takes a client certificate key store file and communicates to a SSL server that asks for client certificate:
// Copyright (c) FYIcenter.com import java.net.*; import java.io.*; import javax.net.ssl.*; import java.security.KeyStore; public class SslClientCertificateCmd { public static void main(String[] args) throws Exception { String host = "www.oracle.com"; int port = 443; String url = "http://www.oracle.com/index.html"; if (args.length < 3) { System.out.println("USAGE: java SslClientCmd host port url"); System.exit(-1); } host = args[0]; port = Integer.parseInt(args[1]); url = args[2]; KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("client.jks"), "fyicenter".toCharArray()); System.out.println(ks.getCertificate("client")); KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, "fyicenter".toCharArray()); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null); SSLSocketFactory factory = factory = ctx.getSocketFactory(); SSLSocket socket = (SSLSocket)factory.createSocket(host, port); socket.startHandshake(); PrintWriter out = new PrintWriter(new BufferedWriter( new OutputStreamWriter(socket.getOutputStream()))); out.println("GET "+url+" HTTP/1.1"); out.println(); out.flush(); BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); String line = in.readLine(); while (line.length()>0) { System.out.println(line); line = in.readLine(); } in.close(); out.close(); socket.close(); } }d
⇒ Key Manager Not Sending Client Certificate
⇐ Create SSL Client Certificate with "keytool"
2018-06-12, 1508🔥, 0💬
Popular Posts:
How to download and install ojdbc11.jar for Oracle 21c? ojdbc11.jar for Oracle 21c is a Java JDBC Dr...
Java Cryptography Extension 1.6 JAR File Size and Download Location: File name: jce.jar, jce-1.6.jar...
Swingx is the SwingLabs Swing Component Extensions. JAR File Size and Download Location: File name: ...
HttpComponents Client Source Code Files are provided in the source package file, httpcomponents-clie...
How to download and install JDK (Java Development Kit) 1.4? If you want to write Java applications, ...