You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Jason Blumenkrantz <ja...@onlinebankingsolutions.com> on 2006/10/13 00:11:49 UTC
Downloading SSL certificate for a site
I'm trying to use HttpClient (version 3.0.1) to present my end users
with the SSL certificate for a particular website for visual inspection.
I'm plugging in the EasySSLProtocolSocketFactory and
EasyX509TrustManager in order to connect to sites using self-signed
certificates, but I haven't had any luck figuring out how to get the
certificate chain for a particular URL after executing a GetMethod on
that URL. Using the JSSE HttpsURLConnection I can call
getServerCertificates() to return the certificate chain for a site, what
would be the equivalent for HttpClient?
Thanks in advance,
Jason Blumenkrantz
jason.blumenkrantz@onlinebankingsolutions.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: Downloading SSL certificate for a site
Posted by Julius Davies <ju...@gmail.com>.
Just try creating a new SSLSocket() and connecting directly to the port.
Then use SSLSocket.getSession().getPeerCertificates().
So if I wanted the certificate chain from "https://gmail.com", I would do:
SSLSocket s = new SSLSocket( "gmail.com", 443 );
Certificate[] certs = s.getSession().getPeerCertificates();
If you want to deal with self-signed certs, and other challenging SSL
situations, take a look at using other SSLSocketFactories (or writing your
own). Here are some:
http://juliusdavies.ca/commons-ssl/
But you have a point. It would be nice to extract that stuff directly from
httpclient classes.
yours,
Julius
On 10/12/06, Jason Blumenkrantz <
jason.blumenkrantz@onlinebankingsolutions.com> wrote:
>
> I'm trying to use HttpClient (version 3.0.1) to present my end users
> with the SSL certificate for a particular website for visual inspection.
> I'm plugging in the EasySSLProtocolSocketFactory and
> EasyX509TrustManager in order to connect to sites using self-signed
> certificates, but I haven't had any luck figuring out how to get the
> certificate chain for a particular URL after executing a GetMethod on
> that URL. Using the JSSE HttpsURLConnection I can call
> getServerCertificates() to return the certificate chain for a site, what
> would be the equivalent for HttpClient?
>
> Thanks in advance,
> Jason Blumenkrantz
> jason.blumenkrantz@onlinebankingsolutions.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
>