Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

SSL connection - howto disable sending client certificate?

 
Maciej Miklas
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

My java client connects to SSL Server. X500 factory accepts all server certificates. There is no keystore - I do not need it.

Now my problem: SSL connection works fine, but my SSL Cleint keeps sending client certificate - I need to disable this.

Can I configure Java in a way, that client certificate is not being send?

This is quiet normal, that clients does not send SSL certificates when connect to the server.....

Thanks,
Maciej
[ June 04, 2008: Message edited by: Maciej Miklas ]
 
Joanne Neal
Rancher
Posts: 3742
16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The client will only send it's certificate if the server has requested it. This is something you need to configure in your server, not Java.
 
Maciej Miklas
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The request goes trough firewall. The firewall asks always for the certificate. If there is no certificate request goes trough. If there is certificate it will be validated.

I need to configure my java cleint that it does not send the certificate - just to say "there is no certificate"

Such configuration is possible for browser.
 
Joanne Neal
Rancher
Posts: 3742
16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So the firewall is requesting a certificate but is happy to continue if the client doesn't have one, but in your original post you say that the client does have a certificate.
Your server must be requesting a certificate (otherwise the client wouldn't send it), so I don't see what the problem is. You either need to configure your server not to request a certificate or configure it to be happy if no certificate is available (if that is possible).
 
Jesper de Jong
Java Cowboy
Saloon Keeper
Posts: 15357
39
Android IntelliJ IDE Java Scala Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think this post fits better in the Sockets and Internet Protocols forum instead of the General Computing forum, so I'll move this post over there.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic