hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <o...@ok2consulting.com>
Subject Re: SSL connection
Date Thu, 28 Nov 2013 21:12:11 GMT
On Thu, 2013-11-28 at 20:11 +0100, Joan Balagueró wrote:
> Hello Oleg,
> 
> Thanks. I've been seeing some HttpClient samples. Some of them set the trustStore/keyStore
directly to the SSLSocketFactory.

SSLSocketFactory constructors internally create an SSLContext instance
and initialize it with the trust / key material passed as parameters. 

>  And others create an SSLContext with them and then set this SSLContext to the SSLSocketFactory.
Any advantage from one respect to the other?
> 

No, not really. Simply a matter of convenience.

> Furthermore, when using SSLContext we need to create an instance using the secure socket
protocol. Is there any way to accept all secure protocols?
> 

I am not sure what you mean by that. Exactly wha

> Thanks,
> 
> Joan.
> 
> -----Mensaje original-----
> De: Oleg Kalnichevski [mailto:olegk@apache.org] 
> Enviado el: jueves, 28 de noviembre de 2013 10:24
> Para: HttpClient User Discussion
> Asunto: Re: SSL connection
> 
> On Wed, 2013-11-27 at 19:24 +0100, Joan Balagueró wrote:
> > Hello,
> > 
> >  
> > 
> > I have an application (servlet running on tomcat) that must send a 
> > https request to a server that requires client authentication.
> > 
> >  
> > 
> > Tomcat has correctly installed the truststore and keystore. But I 
> > understand that when our app sends the https request, I have to attach 
> > the client authentication required by the server.
> > 
> >  
> > 
> > Can anyone address to any doc where I can see how to do this?
> > 
> >  
> > 
> > Thanks,
> > 
> >  
> > 
> > J. 
> > 
> 
> There is enough good material on SSL fundamentals on the web. Just google it out. 
> 
> As far as HC APIs are concerned SSLContextBuilder should help you set up the correct
SSL context for your application. Most likely you will need to load the private key and add
it to the context using this method [1].
> 
> Oleg 
> 
> [1]
> http://hc.apache.org/httpcomponents-client-4.3.x/httpclient/apidocs/org/apache/http/conn/ssl/SSLContextBuilder.html#loadKeyMaterial%28java.security.KeyStore,%20char[],%20org.apache.http.conn.ssl.PrivateKeyStrategy%29
> 
> >  
> > 
> > 
> > 
> > 
> > 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message