Java client certificates over HTTPS/SSL

by

Finally solved it ;). Got a strong hint here (Gandalfs answer touched a bit on it as well). The missing links was (mostly) the first of the parameters below, and to some extent that I overlooked the difference between keystores and truststores.

The self-signed server certificate must be imported into a truststore:

keytool -import -alias gridserver -file gridserver.crt -storepass $PASS -keystore gridserver.keystore

These properties need to be set (either on the commandline, or in code):

-Djavax.net.ssl.keyStoreType=pkcs12
-Djavax.net.ssl.trustStoreType=jks
-Djavax.net.ssl.keyStore=clientcertificate.p12
-Djavax.net.ssl.trustStore=gridserver.keystore
-Djavax.net.debug=ssl # very verbose debug
-Djavax.net.ssl.keyStorePassword=$PASS
-Djavax.net.ssl.trustStorePassword=$PASS

Working example code:

SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
URL url = new URL("https://gridserver:3049/cgi-bin/ls.py");
HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
conn.setSSLSocketFactory(sslsocketfactory);
InputStream inputstream = conn.getInputStream();
InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
BufferedReader bufferedreader = new BufferedReader(inputstreamreader);

String string = null;
while ((string = bufferedreader.readLine()) != null) {
    System.out.println("Received " + string);
}

More Related Contents:

  1. How can I use different certificates on specific connections?
  2. Received fatal alert: handshake_failure through SSLHandshakeException
  3. Java SSLHandshakeException “no cipher suites in common”
  4. javax.net.ssl.SSLException: Received fatal alert: protocol_version
  5. Registering multiple keystores in JVM [duplicate]
  6. java – path to trustStore – set property doesn’t work?
  7. Keystore type: which one to use?
  8. Problems connecting via HTTPS/SSL through own Java client
  9. Why does Java’s SSLSocket send a version 2 client hello?
  10. SSLHandshakeException while connecting to a https site
  11. How to override the cipherlist sent to the server by Android when using HttpsURLConnection?
  12. SSLContext initialization
  13. How to make Java 6, which fails SSL connection with “SSL peer shut down incorrectly”, succeed like Java 7?
  14. Setting multiple truststore on the same JVM
  15. Https Connection Android
  16. How to import an existing X.509 certificate and private key in Java keystore to use in SSL?
  17. why doesn’t java send the client certificate during SSL handshake?
  18. Which Cipher Suites to enable for SSL Socket?
  19. How to fix the “java.security.cert.CertificateException: No subject alternative names present” error?
  20. Using client/server certificates for two way authentication SSL socket on Android
  21. SSL peer shut down incorrectly in Java
  22. How to ignore PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException?
  23. PKIX path building failed in Java application
  24. Enabling specific SSL protocols with Android WebViewClient
  25. Using HTTPS with REST in Java
  26. javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android
  27. How Can I Access an SSL Connection Through Android?
  28. SSLSocket ignores domain mismatch
  29. Java Keytool error after importing certificate , “keytool error: java.io.FileNotFoundException & Access Denied”
  30. Can we load multiple Certificates & Keys in a Key Store?

Leave a Comment