hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mitchell Stevenson <mitchell.stevenson...@gmail.com>
Subject SSL related question on trust- and keymaterial
Date Wed, 11 Oct 2017 15:27:49 GMT
I use httpcore 4.4.4 together with mutual ssl.

I load the key material in that way:

KeyStore trustStore = ...;
sslContextBuilder.loadTrustMaterial(trustStore, null);

Question is: If there are more than one aliases with different trusted
certs in the keystore would then all of them be trusted or just the
first one? Can not find this info in the docs. It also seems not to be
possible to specify a single alias.

The keymaterial for mutual ssl is loaded like:

sslContextBuilder.loadKeyMaterial(keystore, keyPassword, new
PrivateKeyStrategy() {
    public String chooseAlias(Map<String, PrivateKeyDetails> aliases,
Socket socket) {
        if(aliases == null || aliases.isEmpty()) {
            return kAlias;
         if(kAlias == null || kAlias.isEmpty()) {
             return aliases.keySet().iterator().next();
          return kAlias;

Here i like to load only keymatrial for one specific alias (kAlias) or
the first one if not given. I don't know if the code above is really
correct. I am also wondering whats the default if PrivateKeyStrategy
is not given.


To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org

View raw message