Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Basic auth + ssl on client side

 
Ranch Hand
Posts: 491
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Basic, I need to set up basic auth + ssl on client side:

Thru GOOGLE, I got below code works for ssl part.

Basically, trustStore has the server public cerficate/key imported.

Am a beginnger in this area

1. is there any other way doing the same?
2. what is the prefer way by your experience?

1M Thanks.
 
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If your objective is to establish an SSL ClientAuth session between a web-site and a program you've written in Java, then no, there is no other way to do this.

What you're seeing is just half the equation for the SSL protocol - ServerAuth - where the client program determines which Certificate Authority (CA)'s certificates it will trust to establish an SSL session with on the remote side.

You will also need a keystore with a private-key and digital certificate for your application client, and configure the remote web-server to REQUIRE client-authentication on the SSL/TLS port. Once you've done both, then you can continue to add code to your Java program that uses the client-certificate and keystore to respond to the ClientAuth part of the SSL session establishment protocol.

Hope that helps.

Arshad Noor
StrongAuth, Inc.
 
H Paul
Ranch Hand
Posts: 491
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My intention is ask for ServerAuth but my wording is about ClientAuth.

Now with what you explained and clarified, I got 2 answers for 1 question.

Great teacher, you're.
 
Consider Paul's rocket mass heater.
    Bookmark Topic Watch Topic
  • New Topic