This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Sockets and Internet Protocols and the fly likes in SSL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark " in SSL" Watch " in SSL" New topic
Author in SSL

Nimish Patel
Ranch Hand

Joined: Jun 29, 2005
Posts: 84

I am download online certificates (SSL -https) though code.code is given below.Its only working for "".for other https site I am getting UnknownHostException.Might be It is proxy problem.

Could you please suggest me How to set proxy in this code ?


public class AddServerCert {
public AddServerCert() {

public static void main(String[] args) throws Exception {
AddServerCert s = new AddServerCert();

// Define the connection for the Server we want
// to retrieve the certificates for
String site = "";
int port = 443;



// Configure our KeyStore/TrustManager/Certificate file
String keyStore = "d:/nim/LexmarkCertificates";
String keyStorePasswd = "";
String keyStoreAlias = "keystorealias";

// Without this we get
// " untrusted server cert chain"
// Creates a TrustManager that will allow us to
// connect to the site so we can download the
// Server's certificate

// Get the Server's certificate chain[] xc =
s.getServerCert(site, port);

// Add the server's certificate chain to our
// certificate file
for (int i=0; i < xc.length; i++) {
keyStore, (keyStorePasswd).toCharArray(),
keyStoreAlias, xc[i]);

/** This will create a TrustManager that will trust
* ALL certificates and install it as the default
* SSLSocketFactory TrustManager.
* <p>Use this function to replace the default
* TrustManager when you are connecting to an SSL
* site that the certificate is not trusted.
public void createTrustALLManager() {
try {
SSLContext sc = SSLContext.getInstance("SSL");
} catch (Exception e) {

/** The trust ALL TrustManager. Used by createALLTrustManager()
* to replace the default SSLSocketFactory TrustManager.
private TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
getAcceptedIssuers() {
return null;
public boolean isClientTrusted([] certs) {
return true;
public boolean isServerTrusted([] certs) {
return true;

public[] getServerCert(
String hostname, int port) {[] serverCerts = null;
try {
// Create client socket
SSLSocketFactory factory =

SSLSocket socket =

// Without doing the handshake first we get
// "
// peer not authenticated"
// Connect to the server

// Retrieve the server's certificate chain
serverCerts = socket.getSession().getPeerCertificateChain();

// Close the socket
} catch (Exception e) {
System.out.println("getServerCert(): Exception: "
+ e.toString() + "\n" + e.getMessage());
return serverCerts;

public boolean addToKeyStore(
String keystoreFile, char [] keystorePassword,
String alias, cert) {
try {
// Create an empty keystore keystore =;

// Read in existing keystore data. This is need
// to initialize the KeyStore.
FileInputStream in = new FileInputStream(keystoreFile);
keystore.load(in, null);

ByteArrayInputStream bais =
new ByteArrayInputStream(cert.getEncoded()); cf =
"X.509"); certP = null;
while (bais.available() > 0) {
certP = cf.generateCertificate(bais);

alias, certP);

// Save the new keystore contents
FileOutputStream out =
new FileOutputStream(keystoreFile);, keystorePassword);
} catch (Exception e) {
System.out.println("addToKeyStore(): Exception: "
+ e.toString() + "\n" + e.getMessage());
return false;
return true;

subject: in SSL
Similar Threads
This Weeks Giveaway
Want to access a secure site data with the use of URL class.
Problem with Intial Context with t3s protocal
about HTTPS connection
https -- connects fine on windows / error on unix