You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Xi...@Seagate.com on 2008/03/07 01:12:23 UTC

how to handle server auth during SSL connection through HttpClient

Hi

      I'm quite satisfied with newest HttpClient (version is
httpcomponents-client-4.0-alpha3), but I encounter a difficulty now.

      It supports secure connections with a custom SSL context
(refer to
http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/examples/org/apache/http/examples/client/ClientCustomSSL.java
), however, I'd like to know whether it supports Server Authentication. I
mean the server asks for a client certificate during the SSL handshake. Via
latest HttpClient, may I upload a client certificate to server for
authentication? If does, what should I do?

      I need some advice from you.

      Thanks a lot

Thanks & Regards,
Liu Xiao


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org

Re: how to handle server auth during SSL connection through HttpClient

Posted by Oleg Kalnichevski <ol...@apache.org>.

On Fri, 2008-03-07 at 08:12 +0800, Xiao.L.Liu@Seagate.com wrote:
> Hi
> 
>       I'm quite satisfied with newest HttpClient (version is
> httpcomponents-client-4.0-alpha3), but I encounter a difficulty now.
> 
>       It supports secure connections with a custom SSL context
> (refer to
> http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/examples/org/apache/http/examples/client/ClientCustomSSL.java
> ), however, I'd like to know whether it supports Server Authentication. I
> mean the server asks for a client certificate during the SSL handshake. Via
> latest HttpClient, may I upload a client certificate to server for
> authentication?

Yes, you may

>  If does, what should I do?
> 

Create a keystore containing the private key to be used for
authentication with the server and configure the SSLSocketFactory to
load the key from that keystore. 

Do not confuse a keystore with a truststore.

Hope this helps

Oleg  


>       I need some advice from you.
> 
>       Thanks a lot
> 
> Thanks & Regards,
> Liu Xiao
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org