
Java Security


Mutual Auth problems

843811 Aug 9 2004 — edited Dec 2 2004
I am working on a program that requires mutual certificate authentication for server-to-server communication. I have written a JSP page that you call from your client with an XML string input. The JSP page passes the data to another server using SSL. My problem is that my certificate is not being passed in the SSL request. I used IBM's KeyMan to import the certificate, and it is the only one in the JKS file. Am I missing something where I am not passing the certificate, or is there a way to make sure it is pulling the certificate from the JKS file correctly? Any help would be appreciated.
We are using WebSphere 5.1 and IIS 5/Windows 2000.

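import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.Security;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// The same JKS file is used as both key store and trust store
String keyStorePath = "D:\\WebSphere\\AppServer\\bin\\ssl.jks";
String keyStorePwd = "pwd";
System.setProperty("javax.net.ssl.keyStore", keyStorePath);
System.setProperty("javax.net.ssl.keyStorePassword", keyStorePwd);
System.setProperty("javax.net.ssl.trustStore", keyStorePath);
System.setProperty("javax.net.ssl.trustStorePassword", keyStorePwd);
System.setProperty("java.protocol.handler.pkgs", "com.ibm.net.ssl.internal.www.protocol");
Security.addProvider(new com.ibm.jsse.JSSEProvider());

// Trust manager that accepts every certificate chain without validating it
TrustManager[] trustAllCerts = new TrustManager[]{
    new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            // The interface contract requires a non-null (possibly empty) array
            return new java.security.cert.X509Certificate[0];
        }
        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
    }
};
// Build an SSLContext whose key managers are backed by the JKS file
SSLContext sc = SSLContext.getInstance("SSL");
KeyStore keystore = KeyStore.getInstance("JKS");
FileInputStream in = new FileInputStream(keyStorePath);
try {
    keystore.load(in, keyStorePwd.toCharArray());
} finally {
    in.close();
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance("IbmX509");
// The key password is assumed to be the same as the store password
kmf.init(keystore, keyStorePwd.toCharArray());
sc.init(kmf.getKeyManagers(), trustAllCerts, new java.security.SecureRandom());
// Create the socket connection and open it to the secure remote web server
// (url is a java.net.URL created elsewhere; it is not shown in the post)
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();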


Mike Cummins
Locked on Dec 30 2004
Added on Aug 9 2004