Hi All,
I have some problems with secure connections. My jargon might not be at its best in this case coz I am relatively new to SSL and secure Java programming. Here's the situation:
I have a client certificate which I have to include in my code to get access to a secure site. They asked me to create a keystore and a truststore. I created them and stored them in my c: directory for testing purposes and easy access. I didn't place anything in jre1.5.0_02\lib\security. My piece of code looks like this -
*************************************************************
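// Imports needed by the fragments in this post
import java.io.FileInputStream;
import java.io.OutputStream;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

char[] cert_passphrase = "YOUR_CERT_PASSWORD".toCharArray();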
char[] store_passphrase = "YOUR_STORE_PASSWORD_or_changeit".toCharArray();
// SSLContext object, a protocol implementation that behaves as a
// factory for secure socket factories.
SSLContext ctx = SSLContext.getInstance("TLS","SunJSSE");
// Keystore object for the client certificate. Essentially an in-memory
// collection of private keys and any associated certificate chains.
// Use the path to the client (private) .pfx/.p12 certificate file and
// the certificate passphrase.
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("C:\\certfile.pfx"), cert_passphrase);
// KeyManagerFactory object needed to associate the client certificate with
// the SSLContext object.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
keyManagerFactory.init(keyStore, cert_passphrase);
// Keystore object for the store (to access trusted server certs or CAs).
// Use the path to the global JRE "cacerts" file or a local ".keystore" file
// and the store passphrase.
KeyStore trustedKeyStore = KeyStore.getInstance("JKS");
trustedKeyStore.load(new FileInputStream("C:\\castore.jks"), store_passphrase);
// TrustManagerFactory object needed to associate the root store with the
// SSLContext object
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
trustManagerFactory.init(trustedKeyStore);
// Associate both the client certificate and the root store with the
// SSLContext object
ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
// Create an SSLSocketFactory using the SSLContext object and use that
// factory as the default factory for HTTPS connections.
SSLSocketFactory sslSocketFactory = ctx.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
// Choose either the beta or production target POST URL
URL url = new URL("https://www.credcoconnect.com/CGI-BIN/CCListener.exe");
// URL url = new URL("https://beta.credcoconnect.com/CGI-BIN/CCListener.exe");
// Create a URLConnection object, enable I/O, disable caching, set the Content-Type
URLConnection c = url.openConnection();
c.setDoInput(true);
c.setDoOutput(true);
c.setUseCaches(false);
********************************************************************
Now...all of the above validates fine....doesn't throw exceptions anywhere but after - when I try to get an OutputStream as in
************************************************************
OutputStream out = c.getOutputStream();
************************************************************
I get the following error:
sun.security.validator.ValidatorException: No trusted certificate found
And yes, I do have the certificate in my IE - internet options - content - certificates and it is valid till 2007.
Should I place the certificate in the JRE? Is that a must? I might be doing something really stupid here...hehee...but any help would be really appreciated.