hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSL
Date Tue, 26 Apr 2005 12:58:31 GMT
How about this?

HttpClient httpclient = new HttpClient();

KeyStore ksTrustStore = KeyStore.getInstance("JKS");
FileInputStream fis = new
FileInputStream("C:/jdk1.5.0_01/jre/lib/security/cacerts.jks");
ksTrustStore.load(fis, "changeit".toCharArray());
fis.close();

Protocol myhttps = new Protocol("https",
  new ManualSSLProtocolSocketFactory(ksTrustStore, null, ""),
  443);
      
HostConfiguration verisign = new HostConfiguration();
hostconf.setHost("www.verisign.com", 443, myhttps);

// NOTE: Must be a relative URI
GetMethod httpget = new GetMethod("/");  
httpclient.executeMethod(verisign, httpget);
      
Oleg



On Tue, Apr 26, 2005 at 02:04:54PM +0200, Milan Tomic wrote:
> 
> I have again expirienced problems with SSL. :(
> 
> I've been using this code:
> 
> HttpClient httpclient = new HttpClient();
> GetMethod httpget = new GetMethod("https://www.verisign.com/");
> 
> {
>   KeyStore ksTrustStore = KeyStore.getInstance("JKS");
>   FileInputStream fis = new
> FileInputStream("C:/jdk1.5.0_01/jre/lib/security/cacerts.jks");
>   ksTrustStore.load(fis, "changeit".toCharArray());
>   fis.close();
> 
>   Protocol myhttps = new Protocol("https",
>                                       new
> ManualSSLProtocolSocketFactory(ksTrustStore,
>  
> null,
>  
> ""),
>                                      443);
>   Protocol.registerProtocol("https", myhttps);
>  
> //httpclient.getHostConfiguration().setHost("https://www.verisign.com/",
> 443, myhttps);
> }
> 
> httpclient.executeMethod(httpget);
> 
> To avoid using this code (which also worked fine):
> 
> System.setProperty("javax.net.ssl.keyStorePassword", "p");
> System.setProperty("javax.net.ssl.keyStore", "keyStore.jks");
> System.setProperty("javax.net.ssl.trustStorePassword", "p");
> System.setProperty("javax.net.ssl.trustStore", "cacerts.jks");
> 
> The problem is that I can't use neither peace of code, because they are
> not thread safe in my case. In my case, I have several cacerts.jks and
> each thread use different key/trust store pair. If I use
> System.setProperty() or (static method) Protocol.registerProtocol(),
> then each thread will use same key/trust store. :(
> 
> Is there a hope?
> 
> Thank you very very much.
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message