R
Rogan Dawes
Hi folks,
SSL is a fairly complicated topic, and although there is a wealth of
material out on the internet, it can be quite difficult to pull it all
together into an understandable whole.
I have posted a Java class on my site
<http://dawes.za.net/rogan/PKCS11Test.java> that demonstrates a number
of the fundamentals:
* Adding a new security Provider
* Using Sun's new (in 1.5) PKCS11 support (only tested with a soft token)
* Using an "in memory" config file for the above, using an undocumented
constructor (not that any "proper" documentation for the above class is
available)
* Selecting a specific key/certificate alias from a keystore, rather
than letting the provided KeyManager select the "best" one for you.
* Configuring SSL client certificates
* Instructing the HTTPSUrlConnector class not to complain if the server
cert is self-signed
* Instructing the HTTPUrlConnector class not to complain if the URL
hostname does not match the certificate details.
Hope someone finds this helpful. I know I would have!
Rogan
SSL is a fairly complicated topic, and although there is a wealth of
material out on the internet, it can be quite difficult to pull it all
together into an understandable whole.
I have posted a Java class on my site
<http://dawes.za.net/rogan/PKCS11Test.java> that demonstrates a number
of the fundamentals:
* Adding a new security Provider
* Using Sun's new (in 1.5) PKCS11 support (only tested with a soft token)
* Using an "in memory" config file for the above, using an undocumented
constructor (not that any "proper" documentation for the above class is
available)
* Selecting a specific key/certificate alias from a keystore, rather
than letting the provided KeyManager select the "best" one for you.
* Configuring SSL client certificates
* Instructing the HTTPSUrlConnector class not to complain if the server
cert is self-signed
* Instructing the HTTPUrlConnector class not to complain if the URL
hostname does not match the certificate details.
Hope someone finds this helpful. I know I would have!
Rogan