T
Tim Ward
Scenario: Java application distributed as a single jar file. It now needs to
make SSL connections where it used to make TCP connections. So it needs a
truststore so as to be able to validate the certificate presented by the
server.
I've got all that working fine with the truststore in a separate disk file,
but that's no use for distributing the application. So, if I include the
truststore in the jar file (along with the images and other resource files)
how do I make the Java SSL system use it?
(The only suggestion I've found is to include it as a resource, then write
some code to copy this to a disk file before setting the system property.
This is nonsense, mostly because it is obviously utterly silly but also
because it's less than obvious that you can guarantee to find somewhere to
put the file safely and reliably.)
make SSL connections where it used to make TCP connections. So it needs a
truststore so as to be able to validate the certificate presented by the
server.
I've got all that working fine with the truststore in a separate disk file,
but that's no use for distributing the application. So, if I include the
truststore in the jar file (along with the images and other resource files)
how do I make the Java SSL system use it?
(The only suggestion I've found is to include it as a resource, then write
some code to copy this to a disk file before setting the system property.
This is nonsense, mostly because it is obviously utterly silly but also
because it's less than obvious that you can guarantee to find somewhere to
put the file safely and reliably.)