You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Oliver Schoenwald <ol...@FernUni-Hagen.de> on 2005/11/16 16:33:03 UTC

How to add client certificate to use in Servlets

Hello,

I'm using Tomcat 5.5.4 and have implemented a webapplication that 
connects to other
servers to look for the existence of certain URLs and to load soap-data 
using the Jakarta Axis-Library.
Now there is a remote server reachable via an https-adress, and that 
server should accept client
certificate-based authentication. And here is where I'm lost for now. I 
have a client certificate in
pem-format (but I can have any other format, too, if I need).

So far I only found information about how to add server certificates to 
a keystore-file and how
to set tomcat to use that file for its own https-connector.

Question: How do I tell Tomcat to use that client certificate when a 
servlet connects to that
remote server? What format should the client certificate have?


Thank you in advance,

Oliver Schoenwald
University of Hagen


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: How to add client certificate to use in Servlets

Posted by Markus Plail <pl...@web.de>.

Hi Oliver!

Oliver Schoenwald <ol...@FernUni-Hagen.de> writes:
> I'm using Tomcat 5.5.4 and have implemented a webapplication that
> connects to other servers to look for the existence of certain URLs
> and to load soap-data using the Jakarta Axis-Library.  Now there is a
> remote server reachable via an https-adress, and that server should
> accept client certificate-based authentication. And here is where I'm
> lost for now. I have a client certificate in pem-format (but I can
> have any other format, too, if I need).
>
> So far I only found information about how to add server certificates
> to a keystore-file and how to set tomcat to use that file for its own
> https-connector.
>
> Question: How do I tell Tomcat to use that client certificate when a
> servlet connects to that remote server? What format should the client
> certificate have?

Do you want to use a webservice on the remote server or download a file
via https? In the latter case I can't help, but in the former case it's
as simple as that:

System.setProperty("javax.net.ssl.trustStore", trustStore.getAbsolutePath());
System.setProperty("javax.net.ssl.keyStore", keyStore.getAbsolutePath());
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);

The truststore contains the certificates of servers you trust and the
keystore contains your certificate that is trusted by the server.

regards
Markus


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org