This week's book giveaway is in the OCPJP forum.
We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line!
See this thread for details.
The moose likes Android and the fly likes Client SSL Certificates without keystores Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Mobile » Android
Bookmark "Client SSL Certificates without keystores" Watch "Client SSL Certificates without keystores" New topic
Author

Client SSL Certificates without keystores

Don Henderson
Greenhorn

Joined: Mar 14, 2011
Posts: 2

Hi all - new here!
I know this is a can of worms, but I'm implementing an API in an android app, which needs client authentication using a certificate.
I really don't want to use keystores and truststores and bouncy castle etc as it only adds complexity - this needs to be run at startup, and should be as quick and painless as possible. I don't want to depend on a whole JAR just for that functionality.

So, in any other language (thinking Ruby and C in particular), I can just read the .pem from a file, or even hard-code it in.
I've read about the Certificate, X509Certificate and SSLSocketFactory in java/android, but there doesn't seem to be an easy way to just present this to a client and say "go for it".

Has anyone done this, either in "android java" or even normal java who could give me some pointers or a code snippet. Eternal love and appreciation will go the way of anyone who can.

Cheers
Don
Perry Hoekstra
Greenhorn

Joined: Dec 07, 2010
Posts: 28
I did not think that *.pem files were supported in Android, only *.p12 (PKCS#12).
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Client SSL Certificates without keystores