I've been struggling to get this working for about 2 days now. I was able to POST a request directly from sockets, but it took me a while to see it working with HTTPClient-4.1.2. There are different variants out there in google for legacy HTTPClient and less than 4.1.x.
The key was to specify TrustManager and KeyManager while initializing SSLContext.
Step-1: First, you have to initialize SSLContext like this:
SSLContext ctx = SSLContext.getInstance("TLS");
Step-2: Getting TrustManager. Java look into its trust managers to check against authorized Certification Authorities(CA). Default trust store in Java is "jks". This is how you can get trust manager:
TrustManager[] getTrustManagers(String trustStoreType, InputStream trustStoreFile, String trustStorePassword) throws Exception {
KeyStore trustStore = KeyStore.getInstance(trustStoreType);
trustStore.load(trustStoreFile, trustStorePassword.toCharArray());
TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmfactory.init(trustStore);
return tmfactory.getTrustManagers();
}
It should be called as:
TrustManager[] trustManagers = getTrustManagers("jks", new FileInputStream(new File("/Library/Java/Home/lib/security/cacerts")), "changeit");
/Library/Java/Home/lib/security/cacerts is the default path to trust managers in Mac OSX
Step-3: Getting KeyManager: This is where your client certificates are stored. KeyManager in the code can be retrieved as :
KeyManager[] keyManagers = getKeyManagers("pkcs12", new FileInputStream(new File("clientCertificate.p12")), "password");
You have to get KeyManagers using KeyManagerFactory like this:
KeyManager[] getKeyManagers(String keyStoreType, InputStream keyStoreFile, String keyStorePassword) throws Exception {
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(keyStoreFile, keyStorePassword.toCharArray());
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmfactory init(keyStore, keyStorePassword.toCharArray());
return kmfactory.getKeyManagers();
}
Step-4: Once you have TrustManager and KeyManager ready, pass them in SSLContext:
ctx.init(keyManagers, trustManagers, new SecureRandom());
Step-5: Now create a SSLSocketFactory object using SSLContext object:
SSLSocketFactory sf = new SSLSocketFactory(ctx, new StrictHostnameVerifier());
Step-6: Assign Scheme to the HttpClient:
DefaultHttpClient httpclient = new DefaultHttpClient();
ClientConnectionManager manager = httpclient.getConnectionManager();
manager.getSchemeRegistry().register(new Scheme("https", 443, sf));
Done !
Now use this httpclient in HttpPost, HttpGet ….
Very very helpful. You made my day!!!
ReplyDeleteNice blog post your gave for us. I heartfully thank you and i request you to add more informations like this in future.
ReplyDeleteJAVA Training in Chennai
Best JAVA Training institute in Chennai
SEO training in chennai
Python Training in Chennai
Selenium Training in Chennai
Big data training in chennai
Selenium Training in Chennai
JAVA Training in Chennai
Java Training in Anna Nagar
cazy facts brot thanks for posting about the ssl. such a awesome info bro,thanks for this post.if your looking for selenium courses or big data courses you can check out links below
ReplyDelete.Very well written article thanks for posting this amazing article with us keep growing and keep hustling
Selenium course in chennai
best selenium training institute in chennai
best selenium training in chennai
selenium training in chennai omr
selenium training in omr
big data course in chennai
big data hadoop training in chennai
big data analytics courses in chennai
Nice infromation
ReplyDeleteSelenium Training In Chennai
Selenium course in chennai
Selenium Training
Selenium Training institute In Chennai
Best Selenium Training in chennai
Selenium Training In Chennai
Rpa Training in Chennai
Rpa Course in Chennai
Rpa training institute in Chennai
Best Rpa Course in Chennai
uipath Training in Chennai
Blue prism training in Chennai
Data Science Training In Chennai
Data Science Course In Chennai
Data Science Training institute In Chennai
Best Data Science Training In Chennai
Python Training In Chennai
Python course In Chennai
Protractor Training in Chennai
jmeter training in chennai
Loadrunner training in chennai
The knowledge of technology you have been sharing thorough this post is very much helpful to develop new idea. here by i also want to share this.
ReplyDeleteBig Data Hadoop Training In Chennai | Big Data Hadoop Training In anna nagar | Big Data Hadoop Training In omr | Big Data Hadoop Training In porur | Big Data Hadoop Training In tambaram | Big Data Hadoop Training In velachery
Really an amazing post..! By reading your blog post i gained more information.
ReplyDeleteAngular JS Training in Chennai | Certification | Online Training Course | Angular JS Training in Bangalore | Certification | Online Training Course | Angular JS Training in Hyderabad | Certification | Online Training Course | Angular JS Training in Coimbatore | Certification | Online Training Course | Angular JS Training | Certification | Angular JS Online Training Course
Blog comments are for different purposes of different kind of video sites and drama sites. Thanks for sharing this kind of video.
ReplyDeleteJava Training in Chennai
Java Course in Chennai
mmorpg
ReplyDeleteinstagram takipçi satın al
tiktok jeton hilesi
Tiktok jeton hilesi
Sac ekimi antalya
İNSTAGRAM TAKİPCİ SATIN AL
İNSTAGRAM TAKİPÇİ SATIN AL
Mt2 Pvp
Instagram takipçi satin al
Fon Perde Modelleri
ReplyDeleteNumara onay
Mobil odeme bozdurma
NFT NASIL ALİNİR
ANKARA EVDEN EVE NAKLİYAT
trafik sigortasi
dedektör
web sitesi kurma
aşk kitapları