This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Android and the fly likes Client SSL Certificates without keystores Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Mobile » Android
Bookmark "Client SSL Certificates without keystores" Watch "Client SSL Certificates without keystores" New topic

Client SSL Certificates without keystores

Don Henderson

Joined: Mar 14, 2011
Posts: 2

Hi all - new here!
I know this is a can of worms, but I'm implementing an API in an android app, which needs client authentication using a certificate.
I really don't want to use keystores and truststores and bouncy castle etc as it only adds complexity - this needs to be run at startup, and should be as quick and painless as possible. I don't want to depend on a whole JAR just for that functionality.

So, in any other language (thinking Ruby and C in particular), I can just read the .pem from a file, or even hard-code it in.
I've read about the Certificate, X509Certificate and SSLSocketFactory in java/android, but there doesn't seem to be an easy way to just present this to a client and say "go for it".

Has anyone done this, either in "android java" or even normal java who could give me some pointers or a code snippet. Eternal love and appreciation will go the way of anyone who can.

Perry Hoekstra

Joined: Dec 07, 2010
Posts: 28
I did not think that *.pem files were supported in Android, only *.p12 (PKCS#12).
I agree. Here's the link:
subject: Client SSL Certificates without keystores
Similar Threads
extract and save to file certificate and key from pkcs12 file programmatically
Client SSL certificates without keystores
PC or Mac?
HTTP Post SSL certificates (Jakarta HTTP Commons)
Android vs. iOS