hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Boorshtein <marc.boorsht...@octetstring.com>
Subject Re: Retrieving server side certificate durring handshake?
Date Mon, 07 Jun 2004 23:29:25 GMT
great!  Basically I want to implement "browser" style functionality  
where if a cert isn't signed by someone in the trust store, then it can  
either be imported and accepted or rejected.  I already have code for  
managing the keystore side of things and am looking at how to use an  
SSL Factory to accomplish this.  From the looks of it it seems I can  
implement my own TrustStore that can be used as a pass through between  
HttpClient and the user's keystore.
------------------------------------------------------------------------ 
--------------------------
Marc Boorshtein
Sr. Software Engineer, Octet String
marc.boorshtein@octetstring.com
On Jun 7, 2004, at 7:50 AM, Roland Weber wrote:

> Hello Marc,
>
> the latter is the case. For the HTTP protocol, the certificate
> doesn't matter. Once the secure connection is established,
> HttpClient just uses it. Whether any certificates were involved
> when the factory established the connection is of no interest
> to HttpClient. You may have to implement your own protocol
> factory. Whether it will be possible to determine the factory
> level information for a connection, I cannot tell. If not, let us
> know and we'll discuss what hooks should be added.
>
> cheers,
>   Roland
>
>
>
>
>
>
> Marc Boorshtein <marc.boorshtein@octetstring.com>
> 07.06.2004 14:43
> Please respond to "Commons HttpClient Project"
>
>         To:     commons-httpclient-dev@jakarta.apache.org
>         cc:
>         Subject:        Retrieving server side certificate durring
> handshake?
>
>
> Hello,
>
> I have the http libraries working with SSL, but I need to be able to
> retrieve the server's certificate on connection.  I looked at the easy
> ssl protocol handler, but I didn't see anything that let me do this.
> Am I missing something, or is this handled at the JSSE level?
>
> Thanks
>
> ----------------------------------------------------------------------- 
> -
> --------------------------
> Marc Boorshtein
> Sr. Software Engineer, Octet String
> marc.boorshtein@octetstring.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message