For Programmers: Free Programming Magazines  


Home > Archive > Java Security > January 2006 > Java and SSL/HTTPS, some advanced usages in one place









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Java and SSL/HTTPS, some advanced usages in one place
Rogan Dawes

2006-01-13, 7:58 am

Hi folks,

SSL is a fairly complicated topic, and although there is a wealth of
material out on the internet, it can be quite difficult to pull it all
together into an understandable whole.

I have posted a Java class on my site
<http://dawes.za.net/rogan/PKCS11Test.java> that demonstrates a number
of the fundamentals:

* Adding a new security Provider
* Using Sun's new (in 1.5) PKCS11 support (only tested with a soft token)
* Using an "in memory" config file for the above, using an undocumented
constructor (not that any "proper" documentation for the above class is
available)
* Selecting a specific key/certificate alias from a keystore, rather
than letting the provided KeyManager select the "best" one for you.
* Configuring SSL client certificates
* Instructing the HTTPSUrlConnector class not to complain if the server
cert is self-signed
* Instructing the HTTPUrlConnector class not to complain if the URL
hostname does not match the certificate details.

Hope someone finds this helpful. I know I would have!

Rogan
Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com