I am developing an application that must connect to an http server using ssl (https). During testing without packaging the application as a jar file everything works fine. As I am using the following code to specify the keystore file: System.setProperty("javax.net.ssl.trustStore", "/absolute/file/location/java/application/keystore"); But when the code gets put into a jar file and tranfered to another machine with a different file system layout... how do I set the system property in a machine independant way? Please someone help me on this one, as I've been banging my head way too long...
Welcome to JavaRanch, adrian! This is probably a little bit above the concerns of a typical Java greenhorn. I'm moving this to the intermediate forum...
Unfortunately the javax.net.ssl.trustStore property cannot read the data from classpath but expect it to be a file path. So it means there is no machine independent way to specify the path.
Best way is to take the below line,
out of your code base and specify property using command line while starting the JVM as below.
The general question is how to find the location of a file on a new/different system. 1) If you know the filename, you could search all possible paths. 2) Ask someone where it is when you install the program and save it's location somewhere. Does Preferences do this?
The thing is that I won't know the exact location because the keystore is inside a jar file for a web-start application. I could force the users of the application to install a certificate on their local vm, but this is not very user-friendly.
However, I tried something like this code, but it doesn't work. Am I on to something here?
@Nils Lasgard:
Your code above works for me. I'm not sure why it didn't work for you.
You can also use:
SSLContext sc = SSLContext.getInstance("TLS");
instead of:
SSLContext sc = SSLContext.getInstance("SSL");
I'm not sure if that makes any difference (it works for me either way).
And you can also use:
SSLContext.setDefault(sc);
instead of:
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
to use the specified trust store for all SSL connections rather than just HttpsURLConnections.
no, but there are many other guys who search the internet to solve the same problem and are glad to get as much as information that are necessary. in other words: every post might be helpfull and the date of postings doesn't matter in these cases.
best regards
PAX
"Wenn man irgendwann mal von allen akzeptiert wird, dann weiß man, dass man irgendwas falsch gemacht hat." Excerpt by: Mr. Weidner
If you look at the link I posted many years ago, you will see we have changed our tune: we now recognised the potential usefulness of old posts and how they can be rediscovered ten years later and still provide valuable information.
So I left, I came home, and I ate some pie. And then I read this tiny ad: