I've tried the tutorial at
http://tvilda.stilius.net/java/java_ssl.php
and can't get it to work. Is there something wrong with tutorial or am
I making a simple mistake?
It's out of date and very incomplete.
Firstly, you don't need the
-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.
www.protocol part
unless you are running JDK 1.3.
Secondly, after you do the keytool -genkey command you should also do a
keytool -selfcert command using the same alias. See the Javadoc for
details about this.
Thirdly, unless this is just for testing purposes, you need to export
the certificate you just created from the server's keystore and import
it into the client's truststore. Just copying the same keystore file
around is highly insecure. If you have a real certificate resulting from
a keygen followed by an externally satisfied CSR (see the Javadoc/Guide
to Features/JSSE Reference for details), you should import the signed
cert into the server's keystore and the client's truststore.
*Then* it should work and be deployable.
