You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Xi...@Seagate.com on 2008/03/07 01:12:23 UTC
how to handle server auth during SSL connection through HttpClient
Hi
I'm quite satisfied with newest HttpClient (version is
httpcomponents-client-4.0-alpha3), but I encounter a difficulty now.
It supports secure connections with a custom SSL context
(refer to
http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/examples/org/apache/http/examples/client/ClientCustomSSL.java
), however, I'd like to know whether it supports Server Authentication. I
mean the server asks for a client certificate during the SSL handshake. Via
latest HttpClient, may I upload a client certificate to server for
authentication? If does, what should I do?
I need some advice from you.
Thanks a lot
Thanks & Regards,
Liu Xiao
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: how to handle server auth during SSL connection through
HttpClient
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Fri, 2008-03-07 at 08:12 +0800, Xiao.L.Liu@Seagate.com wrote:
> Hi
>
> I'm quite satisfied with newest HttpClient (version is
> httpcomponents-client-4.0-alpha3), but I encounter a difficulty now.
>
> It supports secure connections with a custom SSL context
> (refer to
> http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/examples/org/apache/http/examples/client/ClientCustomSSL.java
> ), however, I'd like to know whether it supports Server Authentication. I
> mean the server asks for a client certificate during the SSL handshake. Via
> latest HttpClient, may I upload a client certificate to server for
> authentication?
Yes, you may
> If does, what should I do?
>
Create a keystore containing the private key to be used for
authentication with the server and configure the SSLSocketFactory to
load the key from that keystore.
Do not confuse a keystore with a truststore.
Hope this helps
Oleg
> I need some advice from you.
>
> Thanks a lot
>
> Thanks & Regards,
> Liu Xiao
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org