Make Client Certificate Trusted by SSL Server
How to make a self-signed client certificate trusted by the SSL server? I want to help Key Manager to send out the client certificate and accepted by the SSL server.
There are several options to make a self-signed certificate trusted by the SSL Server:
Below is a demonstration of the last option:
1. Save the client certificate in a keystore file for the server program to use:
\fyicenter>\local\jdk-1.8.0\bin\keytool -importcert -file client.crt -alias client -keystore client_crt.jks Enter keystore password: fyicenter Re-enter new password: fyicenter Owner: CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR Issuer: CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR Serial number: 12414e2f Valid from: Sun Jun 25 11:29:50 until: Sat Sep 23 11:29:50 Certificate fingerprints: MD5: C3:C7:4D:06:F5:62:91:3D:C3:25:93:2C:01:BE:EF:B5 SHA1: FF:08:6F:E1:80:C2:72:8D:81:58:21:AF:31:C2:02:AA:CB:02:A8:5E SHA256: 1B:ED:2E:B5:88:0C:8E:B6:A3:29:04:9D:15:B6:B2:C6:5A:14:AF:38:0C:... Signature algorithm name: SHA1withDSA Version: 3 ... Trust this certificate? [no]: yes Certificate was added to keystore
2. Open command window and run SslServerCmd.java with javax.net.ssl.trustStore system property set to client_crt.jks on your local host:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=client_crt.jks SslServerCmd 8080 Yes USAGE: java SslServerCmd [port [clientAuth]] Listening: port=8080, clientAuth=Yes
3. Open another command window and run SslServerCmd.java on your local host:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=server_crt.jks SslClientCertificateCmd localhost 8080 /index.html HTTP/1.0 200 OK Content-Type: text/html Content-Length: 40
No more SSL errors. The client program successfully communicated with the server with all messages encrypted. And both the server and client are authenticated by their own certificates.
2018-06-12, 469👍, 0💬
Xalan-Java, Version 2.7.1, is an XSLT processor for transforming XML documents into HTML, text, or o...
How to download and install ojdbc14.jar for Oracle 10g R2? ojdbc14.jar for Oracle 10g R2 is a Java 1...
Where to find answers to frequently asked questions on Download and Installing of FOP 2.0? Here is a...
How to download and install javamail1_1_3.zip? The JavaMail API is a set of abstract APIs that model...
The JDT project provides the tool plug-ins that implement a Java IDE supporting the development of a...