Connect to an HTTPS Server

Discussion in 'Java' started by josephjelsy@gmail.com, Apr 10, 2006.

  1. Guest

    please help me on how to connect to an HTTPS Server using Java
     
    , Apr 10, 2006
    #1
    1. Advertising

  2. Tomek Guest

    Hi
    Create the client as usual ( just like a regular http connection ) and
    run this clien with parameters :
    java -Djavax.net.ssl.trustStore=myCertStore.jks
    -Djavax.net.ssl.trustStorePassword=myKeyStorePassword -jar
    MyClient.jar
    Assuming you have the server key in you keystore.
     
    Tomek, Apr 10, 2006
    #2
    1. Advertising

  3. Roedy Green Guest

    On 10 Apr 2006 02:46:12 -0700, "Tomek" <> wrote,
    quoted or indirectly quoted someone who said :

    >Create the client as usual ( just like a regular http connection ) and
    >run this clien with parameters :
    >java -Djavax.net.ssl.trustStore=myCertStore.jks
    >-Djavax.net.ssl.trustStorePassword=myKeyStorePassword -jar
    >MyClient.jar
    >Assuming you have the server key in you keystore.


    Is this the way you set up a server or client? I thought you did not
    need any sort of cert to be the client.
    --
    Canadian Mind Products, Roedy Green.
    http://mindprod.com Java custom programming, consulting and coaching.
     
    Roedy Green, Apr 10, 2006
    #3
  4. Juha Laiho Guest

    Roedy Green <> said:
    >On 10 Apr 2006 02:46:12 -0700, "Tomek" <> wrote,
    >quoted or indirectly quoted someone who said :
    >
    >>Create the client as usual ( just like a regular http connection ) and
    >>run this clien with parameters :
    >>java -Djavax.net.ssl.trustStore=myCertStore.jks
    >>-Djavax.net.ssl.trustStorePassword=myKeyStorePassword -jar
    >>MyClient.jar
    >>Assuming you have the server key in you keystore.

    >
    >Is this the way you set up a server or client? I thought you did not
    >need any sort of cert to be the client.


    The client needs to have CA certificates to verify the authenticity of
    the server certificate - thus the trustStore. Similarly regular browsers
    have quite a pile of preinstalled CA certificates; otherwise there would
    be no protection against site spoofing; there would only be protection
    against traffic eavesdropping.
    --
    Wolf a.k.a. Juha Laiho Espoo, Finland
    (GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
    PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
    "...cancel my subscription to the resurrection!" (Jim Morrison)
     
    Juha Laiho, Apr 10, 2006
    #4
  5. Roedy Green Guest

    On Mon, 10 Apr 2006 18:43:27 +0000 (UTC), Juha Laiho
    <> wrote, quoted or indirectly quoted someone who
    said :

    >The client needs to have CA certificates to verify the authenticity of
    >the server certificate - thus the trustStore. Similarly regular browsers
    >have quite a pile of preinstalled CA certificates; otherwise there would
    >be no protection against site spoofing; there would only be protection
    >against traffic eavesdropping.


    slightly off topic, but I downloaded Opera 8.54 and it seems finally
    to have its SSL act together, and least enough to work with my credit
    union finally.
    --
    Canadian Mind Products, Roedy Green.
    http://mindprod.com Java custom programming, consulting and coaching.
     
    Roedy Green, Apr 10, 2006
    #5
  6. Roedy Green wrote:
    snip
    >>Create the client as usual ( just like a regular http connection ) and
    >>run this clien with parameters :
    >>java -Djavax.net.ssl.trustStore=myCertStore.jks
    >>-Djavax.net.ssl.trustStorePassword=myKeyStorePassword -jar
    >>MyClient.jar
    >>Assuming you have the server key in you keystore.

    >
    >
    > Is this the way you set up a server or client? I thought you did not
    > need any sort of cert to be the client.

    If the HTTPS server's key was signed using a valid certificate authority
    (i.e from Verisign, Thawte or whatever comes with Java) then the client
    does not need anything.
     
    Missaka Wijekoon, Apr 11, 2006
    #6
  7. Juha Laiho Guest

    Missaka Wijekoon <> said:
    >Roedy Green wrote:
    >snip
    >>>Create the client as usual ( just like a regular http connection ) and
    >>>run this clien with parameters :
    >>>java -Djavax.net.ssl.trustStore=myCertStore.jks
    >>>-Djavax.net.ssl.trustStorePassword=myKeyStorePassword -jar
    >>>MyClient.jar
    >>>Assuming you have the server key in you keystore.

    >>
    >>
    >> Is this the way you set up a server or client? I thought you did not
    >> need any sort of cert to be the client.

    >If the HTTPS server's key was signed using a valid certificate authority
    >(i.e from Verisign, Thawte or whatever comes with Java) then the client
    >does not need anything.


    .... no; the client still needs the corresponding CA certificates.
    However, a number of these are provided with the Java environment;
    f.ex. the cacerts file provided with 1.5.0_06 distribution appears to
    contain 33 CA certificate entries. If you remove those, not even
    Verisign or Thawte certificates work.
    --
    Wolf a.k.a. Juha Laiho Espoo, Finland
    (GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
    PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
    "...cancel my subscription to the resurrection!" (Jim Morrison)
     
    Juha Laiho, Apr 12, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Subra Mallampalli
    Replies:
    0
    Views:
    445
    Subra Mallampalli
    Oct 2, 2003
  2. Axel
    Replies:
    8
    Views:
    1,220
    Adrienne Boswell
    Apr 27, 2009
  3. jotto
    Replies:
    4
    Views:
    430
    jotto
    Oct 2, 2006
  4. Naveen Dhanuka
    Replies:
    1
    Views:
    308
  5. Replies:
    2
    Views:
    316
Loading...

Share This Page