Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How To Get HTTPS?

 
hossein arabi
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear All,
I have created a self signed digital certificate (.cer ) using JCE without any keystore or management . now I import it to the browser and copy it also to the server.
I wanna have a mutual or two way ssl authentication. but It is not working no HTTPS.
Forgive me for being so new in this field, I am just a student and I am really glad to meet you all here and I really got so much help.I will be glad if some one can guide me to get HTTPS and how this is gonna happen?
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How to get SSL working depends a lot on which server you're using. For example, the instructions for Tomcat can be found at http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
 
hossein arabi
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:How to get SSL working depends a lot on which server you're using. For example, the instructions for Tomcat can be found at http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html


is it really needed to have a root certificate or keystore....I am not using any TOOLS just with JAVA JCE created a digtial certificate?
is it I should have CA. I just want to make the HTTPS. so confuded now.
 
Carey Evans
Ranch Hand
Posts: 225
Debian Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hossein arabi wrote:is it really needed to have a root certificate or keystore....I am not using any TOOLS just with JAVA JCE created a digtial certificate?

You need a KeyStore instance for the KeyManager array on your SSLContext, using a KeyManagerFactory. It doesn't need to be loaded from disk, though; you could set the private key for your certificate on a new KeyStore instance, before passing it to the KeyManagerFactory.

The Jetty code for SslSocketConnector shows how it uses a KeyStore on disk.

If you're trying to use Tomcat or Jetty for your HTTPS implementation, they will want to load the KeyStore from disk somewhere, unless you were to extend SslSocketConnector and override its createFactory() method, for example.
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hossein arabi wrote:I am not using any TOOLS

All you need is keytool, which comes with the JDK.
 
hossein arabi
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:
hossein arabi wrote:I am not using any TOOLS

All you need is keytool, which comes with the JDK.



the problem is that I am working on my final year project which I should use JAVA API to program it myself. I am so new to it that is why I am blur. is a keystore really needed to implement the HTTPS?
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A certificate is necessary. If you somehow manage to create and use one without using keytool or keystores, then I guess those are not necessary. But I would be surprised if you did.

but It is not working no HTTPS.

What does this mean? How have you configured the server to use the certificate, and how did you tell it which port to use for HTTPS? What happens if you try to access the server using HTTPS? TellTheDetails
 
hossein arabi
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have created a Single Certificate and it is a client certificate which contains his information by using JCE and didnot use the keystore.
my question: what is the requirments to implement HTTPS? the steps...
Wish this time I could say what I want and sorry for being so new to this field...
Thanks alot.
 
Carey Evans
Ranch Hand
Posts: 225
Debian Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hossein arabi wrote:my question: what is the requirments to implement HTTPS? the steps...

To implement a custom SSL server, you also need a server certificate which the client trusts, then you start by configuring a new SSLContext to get an SSLServerSocketFactory, then an SSLServerSocket from which you get an SSLSocket for each connection.

To implement a custom HTTPS server, you read the HTTP and URI specs, the servlet, JTA and JCA specs, and their errata, think about the ambiguities and conflicts, and give up and download Jetty or Tomcat.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic