This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
I am developing an application that must connect to an http server using ssl (https). During testing without packaging the application as a jar file everything works fine. As I am using the following code to specify the keystore file: System.setProperty("javax.net.ssl.trustStore", "/absolute/file/location/java/application/keystore"); But when the code gets put into a jar file and tranfered to another machine with a different file system layout... how do I set the system property in a machine independant way? Please someone help me on this one, as I've been banging my head way too long...
The general question is how to find the location of a file on a new/different system. 1) If you know the filename, you could search all possible paths. 2) Ask someone where it is when you install the program and save it's location somewhere. Does Preferences do this?
Joined: Jul 08, 2008
The thing is that I won't know the exact location because the keystore is inside a jar file for a web-start application. I could force the users of the application to install a certificate on their local vm, but this is not very user-friendly.
However, I tried something like this code, but it doesn't work. Am I on to something here?
Joined: Jul 08, 2008
Ok. I gave up this strategy. Instead, this made it work:
read the keystore file as a resource stream :MyClass.class.getClassLoader().getResourceAsStream(jarCertFile);
write it to localhost
set truststore property to local file, System.setProperty("javax.net.ssl.trustStore",trustStore);
[ July 09, 2008: Message edited by: Nils Magnus Larsg�rd ]
Your code above works for me. I'm not sure why it didn't work for you.
You can also use:
SSLContext sc = SSLContext.getInstance("TLS");
SSLContext sc = SSLContext.getInstance("SSL");
I'm not sure if that makes any difference (it works for me either way).
And you can also use:
to use the specified trust store for all SSL connections rather than just HttpsURLConnections.
no, but there are many other guys who search the internet to solve the same problem and are glad to get as much as information that are necessary. in other words: every post might be helpfull and the date of postings doesn't matter in these cases.
"Wenn man irgendwann mal von allen akzeptiert wird, dann weiß man, dass man irgendwas falsch gemacht hat." Excerpt by: Mr. Weidner
For me too this was extremely useful.
That's 7 years since @Nils Larsgard's post
(I registered just to leave this post!)
Joined: Oct 13, 2005
Welcome to the Ranch
If you look at the link I posted many years ago, you will see we have changed our tune: we now recognised the potential usefulness of old posts and how they can be rediscovered ten years later and still provide valuable information.