Win a copy of The Way of the Web Tester: A Beginner's Guide to Automating Tests this week in the Testing forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Client SSL certificates without keystores

Don Henderson
Posts: 2
Chrome Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
posted Today 15:03:33
Hi all - new here!
I know this is a can of worms, but I'm implementing an API in an android app, which needs client authentication using a certificate.
I really don't want to use keystores and truststores and bouncy castle etc as it only adds complexity - this needs to be run at startup, and should be as quick and painless as possible. I don't want to depend on a whole JAR just for that functionality.

So, in any other language (thinking Ruby and C in particular), I can just read the .pem from a file, or even hard-code it in.
I've read about the Certificate, X509Certificate and SSLSocketFactory in java/android, but there doesn't seem to be an easy way to just present this to a client and say "go for it".

Has anyone done this, either in "android java" or even normal java who could give me some pointers or a code snippet. Eternal love and appreciation will go the way of anyone who can.

  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic