hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Use a unique instance of httpclient with some differents sets of trust certificates
Date Tue, 29 May 2012 19:51:53 GMT
On Tue, 2012-05-29 at 16:17 +0200, Jose Escobar wrote:
> Hi there,
> 
> First of all let me say English is not my native language; please
> excuse typing errors.
> 
> I'm using Httpclient 4.2 on a Spring project to send Http Post
> requests. It's working correctly with a singleton DefaultHttpClient
> bean managed by a PoolingClientConnectionManager. This
> PoolingClientConnectionManager has two schemas, http default port 80
> and https default port 443 with default jsse trust certificates and a
> key to authenticate the client to remote servers. As I say it works
> great but now I have to validate some remote servers with given
> certificates and they are not signed by default jsse trust
> certificates. I don't want to simply add this new certificates to the
> trusted certificates keystore because I only want to use them against
> specific Urls for security reasons (I don't know how are they managing
> their private keys).
> 
> Is it possible to add these certificates to a singleton httpclient and
> remove them after execute a HttpPost without affect others parallel
> working threads that are using the same httpClient or may I should
> create a new HttpClient instance with the apropiate trust
> certificates?
> 
> 

Possibly a better option might be a custom socket factory that can
create SSL connections with different SSL contexts using different trust
and key material based on the hostname of the target server.

Hope this helps

Oleg

> 
> I can send some code if you needed. Sorry for my english again...
> 
> Thanks in advance.
> 
> Jose E.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message