File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Android and the fly likes Client SSL Certificates without keystores Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Mobile » Android
Bookmark "Client SSL Certificates without keystores" Watch "Client SSL Certificates without keystores" New topic

Client SSL Certificates without keystores

Don Henderson

Joined: Mar 14, 2011
Posts: 2

Hi all - new here!
I know this is a can of worms, but I'm implementing an API in an android app, which needs client authentication using a certificate.
I really don't want to use keystores and truststores and bouncy castle etc as it only adds complexity - this needs to be run at startup, and should be as quick and painless as possible. I don't want to depend on a whole JAR just for that functionality.

So, in any other language (thinking Ruby and C in particular), I can just read the .pem from a file, or even hard-code it in.
I've read about the Certificate, X509Certificate and SSLSocketFactory in java/android, but there doesn't seem to be an easy way to just present this to a client and say "go for it".

Has anyone done this, either in "android java" or even normal java who could give me some pointers or a code snippet. Eternal love and appreciation will go the way of anyone who can.

Perry Hoekstra

Joined: Dec 07, 2010
Posts: 28
I did not think that *.pem files were supported in Android, only *.p12 (PKCS#12).
I agree. Here's the link:
subject: Client SSL Certificates without keystores
It's not a secret anymore!