You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by da...@gmx.net on 2006/09/07 11:14:23 UTC
read certificate from pkcs#12 and bind to a SSL socket
hi,
I read the documentation about the SSL in HttpClient.
I am not sure, but I think I have to create a
MySSLSocketFactory <object> if I want to
authentificate with a certificate at a server.
My problem is how to read a certificate from a
PKCS#12 file and bind it to this <object>.
I found something at the Sun pages to read this kind
of file with the keytool and export the certificate.
There was also something how to create a truststore
with the keytool, and how to import the root
certificate from the server.
Is there a way HttpClient supports me by creating
or reading this kind of files ?
The handling with the keytool looks not that nice :)
bastian
----
subquestion :
hopefully the subquestion will not look to silly on me,
but is there a way to search the whole mailing list?
--
"Feel free" – 10 GB Mailbox, 100 FreeSMS/Monat ...
Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: read certificate from pkcs#12 and bind to a SSL socket
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Thu, 2006-09-07 at 11:30 +0200, Roland Weber wrote:
> Hello Bastian,
>
> > I am not sure, but I think I have to create a
> > MySSLSocketFactory <object> if I want to
> > authentificate with a certificate at a server.
>
> No. You have to implement _your_own_ SSLSocketFactory.
> Rename MySSLSocketFactory to a name of your choice
> and add any code you need there.
>
> > My problem is how to read a certificate from a
> > PKCS#12 file and bind it to this <object>.
> >
> > I found something at the Sun pages to read this kind
> > of file with the keytool and export the certificate.
>
> Then add that code to your SSLSocketFactory.
>
> > There was also something how to create a truststore
> > with the keytool, and how to import the root
> > certificate from the server.
> >
> > Is there a way HttpClient supports me by creating
> > or reading this kind of files ?
>
> No. HttpClient is for HTTP, not for PKCS or SSL.
> The scope of HttpClient is also explained in the primer:
> http://wiki.apache.org/jakarta-httpclient/ForAbsoluteBeginners#head-e5df784207b3082d88f0c254a0b656275c2b2855
>
Bastian,
There is a set of SSL components developed by Julius Davies, which you
may find useful
http://juliusdavies.ca/commons-ssl/
Oleg
> cheers,
> Roland
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: read certificate from pkcs#12 and bind to a SSL socket
Posted by Roland Weber <RO...@de.ibm.com>.
Hello Bastian,
> I am not sure, but I think I have to create a
> MySSLSocketFactory <object> if I want to
> authentificate with a certificate at a server.
No. You have to implement _your_own_ SSLSocketFactory.
Rename MySSLSocketFactory to a name of your choice
and add any code you need there.
> My problem is how to read a certificate from a
> PKCS#12 file and bind it to this <object>.
>
> I found something at the Sun pages to read this kind
> of file with the keytool and export the certificate.
Then add that code to your SSLSocketFactory.
> There was also something how to create a truststore
> with the keytool, and how to import the root
> certificate from the server.
>
> Is there a way HttpClient supports me by creating
> or reading this kind of files ?
No. HttpClient is for HTTP, not for PKCS or SSL.
The scope of HttpClient is also explained in the primer:
http://wiki.apache.org/jakarta-httpclient/ForAbsoluteBeginners#head-e5df784207b3082d88f0c254a0b656275c2b2855
cheers,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org