wood burning stoves 2.0*
The moose likes Java in General and the fly likes Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark ""javax.net.ssl.keyStore" system property inside a jar package" Watch ""javax.net.ssl.keyStore" system property inside a jar package" New topic
Author

"javax.net.ssl.keyStore" system property inside a jar package

adrian wardell
Greenhorn

Joined: Dec 09, 2003
Posts: 1
I am developing an application that must connect to an http server using ssl (https). During testing without packaging the application as a jar file everything works fine. As I am using the following code to specify the keystore file:
System.setProperty("javax.net.ssl.trustStore", "/absolute/file/location/java/application/keystore");
But when the code gets put into a jar file and tranfered to another machine with a different file system layout... how do I set the system property in a machine independant way?
Please someone help me on this one, as I've been banging my head way too long...
Dirk Schreckmann
Sheriff

Joined: Dec 10, 2001
Posts: 7023
Welcome to JavaRanch, adrian!
This is probably a little bit above the concerns of a typical Java greenhorn. I'm moving this to the intermediate forum...


[How To Ask Good Questions] [JavaRanch FAQ Wiki] [JavaRanch Radio]
Nils Larsgard
Greenhorn

Joined: Jul 08, 2008
Posts: 5
I have the same problem as the thread starter. Is there a clean way of doing this?
Santhosh Kumar
Ranch Hand

Joined: Nov 07, 2000
Posts: 242
Unfortunately the javax.net.ssl.trustStore property cannot read the data from classpath but expect it to be a file path. So it means there is no machine independent way to specify the path.

Best way is to take the below line,



out of your code base and specify property using command line while starting the JVM as below.

Norm Radder
Ranch Hand

Joined: Aug 10, 2005
Posts: 685
The general question is how to find the location of a file on a new/different system.
1) If you know the filename, you could search all possible paths.
2) Ask someone where it is when you install the program and save it's location somewhere. Does Preferences do this?
Nils Larsgard
Greenhorn

Joined: Jul 08, 2008
Posts: 5
The thing is that I won't know the exact location because the keystore is inside a jar file for a web-start application. I could force the users of the application to install a certificate on their local vm, but this is not very user-friendly.

However, I tried something like this code, but it doesn't work. Am I on to something here?
Nils Larsgard
Greenhorn

Joined: Jul 08, 2008
Posts: 5
Ok. I gave up this strategy. Instead, this made it work:


  • read the keystore file as a resource stream :MyClass.class.getClassLoader().getResourceAsStream(jarCertFile);
  • write it to localhost
  • set truststore property to local file, System.setProperty("javax.net.ssl.trustStore",trustStore);


  • [ July 09, 2008: Message edited by: Nils Magnus Larsg�rd ]
    Paul Donohue
    Greenhorn

    Joined: Oct 20, 2009
    Posts: 1
    @Nils Lasgard:
    Your code above works for me. I'm not sure why it didn't work for you.

    You can also use:
    SSLContext sc = SSLContext.getInstance("TLS");
    instead of:
    SSLContext sc = SSLContext.getInstance("SSL");
    I'm not sure if that makes any difference (it works for me either way).

    And you can also use:
    SSLContext.setDefault(sc);
    instead of:
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    to use the specified trust store for all SSL connections rather than just HttpsURLConnections.
    Campbell Ritchie
    Sheriff

    Joined: Oct 13, 2005
    Posts: 38489
        
      23
    Welcome to JavaRanch

    Are you sure he is still reading after 15 months? Look at this FAQ.
    Andreas Pax Lück
    Greenhorn

    Joined: Nov 04, 2009
    Posts: 18
    @Campbell Ritchie:

    no, but there are many other guys who search the internet to solve the same problem and are glad to get as much as information that are necessary. in other words: every post might be helpfull and the date of postings doesn't matter in these cases.

    best regards

    PAX


    "Wenn man irgendwann mal von allen akzeptiert wird, dann weiß man, dass man irgendwas falsch gemacht hat."
    Excerpt by: Mr. Weidner
    Campbell Ritchie
    Sheriff

    Joined: Oct 13, 2005
    Posts: 38489
        
      23
    Point taken, and welcome to JavaRanch
    b hoff
    Greenhorn

    Joined: Nov 01, 2011
    Posts: 1
    Larsgard's code snippet helped me out a lot (and was very clever). To get it working I had to make a few small changes. Here's my revision:

    Campbell Ritchie
    Sheriff

    Joined: Oct 13, 2005
    Posts: 38489
        
      23
    Welcome to the Ranch
    It shows how useful old posts can be.
    H Paul
    Ranch Hand

    Joined: Jul 26, 2011
    Posts: 417
        
        4
    Campbell Ritchie wrote:Welcome to the Ranch
    It shows how useful old posts can be.


    Resurrection.
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: "javax.net.ssl.keyStore" system property inside a jar package