You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by Marc Boorshtein <ma...@octetstring.com> on 2004/06/07 14:43:41 UTC
Retrieving server side certificate durring handshake?
Hello,
I have the http libraries working with SSL, but I need to be able to
retrieve the server's certificate on connection. I looked at the easy
ssl protocol handler, but I didn't see anything that let me do this.
Am I missing something, or is this handled at the JSSE level?
Thanks
------------------------------------------------------------------------
--------------------------
Marc Boorshtein
Sr. Software Engineer, Octet String
marc.boorshtein@octetstring.com
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
Re: Retrieving server side certificate durring handshake?
Posted by Marc Boorshtein <ma...@octetstring.com>.
great! Basically I want to implement "browser" style functionality
where if a cert isn't signed by someone in the trust store, then it can
either be imported and accepted or rejected. I already have code for
managing the keystore side of things and am looking at how to use an
SSL Factory to accomplish this. From the looks of it it seems I can
implement my own TrustStore that can be used as a pass through between
HttpClient and the user's keystore.
------------------------------------------------------------------------
--------------------------
Marc Boorshtein
Sr. Software Engineer, Octet String
marc.boorshtein@octetstring.com
On Jun 7, 2004, at 7:50 AM, Roland Weber wrote:
> Hello Marc,
>
> the latter is the case. For the HTTP protocol, the certificate
> doesn't matter. Once the secure connection is established,
> HttpClient just uses it. Whether any certificates were involved
> when the factory established the connection is of no interest
> to HttpClient. You may have to implement your own protocol
> factory. Whether it will be possible to determine the factory
> level information for a connection, I cannot tell. If not, let us
> know and we'll discuss what hooks should be added.
>
> cheers,
> Roland
>
>
>
>
>
>
> Marc Boorshtein <ma...@octetstring.com>
> 07.06.2004 14:43
> Please respond to "Commons HttpClient Project"
>
> To: commons-httpclient-dev@jakarta.apache.org
> cc:
> Subject: Retrieving server side certificate durring
> handshake?
>
>
> Hello,
>
> I have the http libraries working with SSL, but I need to be able to
> retrieve the server's certificate on connection. I looked at the easy
> ssl protocol handler, but I didn't see anything that let me do this.
> Am I missing something, or is this handled at the JSSE level?
>
> Thanks
>
> -----------------------------------------------------------------------
> -
> --------------------------
> Marc Boorshtein
> Sr. Software Engineer, Octet String
> marc.boorshtein@octetstring.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
Re: Retrieving server side certificate durring handshake?
Posted by Roland Weber <RO...@de.ibm.com>.
Hello Marc,
the latter is the case. For the HTTP protocol, the certificate
doesn't matter. Once the secure connection is established,
HttpClient just uses it. Whether any certificates were involved
when the factory established the connection is of no interest
to HttpClient. You may have to implement your own protocol
factory. Whether it will be possible to determine the factory
level information for a connection, I cannot tell. If not, let us
know and we'll discuss what hooks should be added.
cheers,
Roland
Marc Boorshtein <ma...@octetstring.com>
07.06.2004 14:43
Please respond to "Commons HttpClient Project"
To: commons-httpclient-dev@jakarta.apache.org
cc:
Subject: Retrieving server side certificate durring
handshake?
Hello,
I have the http libraries working with SSL, but I need to be able to
retrieve the server's certificate on connection. I looked at the easy
ssl protocol handler, but I didn't see anything that let me do this.
Am I missing something, or is this handled at the JSSE level?
Thanks
------------------------------------------------------------------------
--------------------------
Marc Boorshtein
Sr. Software Engineer, Octet String
marc.boorshtein@octetstring.com
---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org