• Post Reply Bookmark Topic Watch Topic
  • New Topic

HTTPS Certificate Requests  RSS feed

Richard Grey
Posts: 25
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've got a provider who expects the following. Is this possible, and how do I fulfil their request ?
Me (client) establishes an SSL Connection to provider (server).
Provider (server) is expecting to send me (client) a certificate request to authenticate who I am.
Provider (server) expects me to send a SERVER certificate even though I am a client.
Can they do this ? They can certainly request a client certificate.
Either way, how do I program the certificate sending ? I have all the usual working, ie. me the client verifying the server certificate presented automatically as part of the HTTPS protocol.
Here's a code extract:

import java.io.*;
import java.net.URL;
import java.security.*;
import com.sun.net.ssl.*;
import javax.net.ssl.*;
* TestME
* Test opening a page across HTTPS
public class TestME {
private static final String LOCATION = "https://securehost.com/target.html";

public static void main(String args[]) {

String site = LOCATION;
if (args.length == 1) site = args[0];
System.out.println("URL: " + site);

try {
KeyManager kma [] = null;
TrustManager tma [] = {
new S2TrustManager()
SSLContext sc = SSLContext.getInstance("SSLv3"); // or TLS or SSL or SSLv3
sc.init(null, null, null); // use default security providers
URL location = new URL(site);
HttpsURLConnection shuc = (HttpsURLConnection) location.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(location.openStream()));
System.out.println("Reading ...");
String str;
while ((str = in.readLine()) != null) {
System.out.println("Finished Reading");
catch (IOException e) {
catch (KeyManagementException e) {
catch (NoSuchAlgorithmException e) {
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!