aspose file tools*
The moose likes Security and the fly likes Basic auth + ssl on client side Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Basic auth + ssl on client side" Watch "Basic auth + ssl on client side" New topic
Author

Basic auth + ssl on client side

H Paul
Ranch Hand

Joined: Jul 26, 2011
Posts: 461
    
    4
Basic, I need to set up basic auth + ssl on client side:

Thru GOOGLE, I got below code works for ssl part.

Basically, trustStore has the server public cerficate/key imported.

Am a beginnger in this area

1. is there any other way doing the same?
2. what is the prefer way by your experience?

1M Thanks.
Arshad Noor
Ranch Hand

Joined: Oct 06, 2011
Posts: 34
If your objective is to establish an SSL ClientAuth session between a web-site and a program you've written in Java, then no, there is no other way to do this.

What you're seeing is just half the equation for the SSL protocol - ServerAuth - where the client program determines which Certificate Authority (CA)'s certificates it will trust to establish an SSL session with on the remote side.

You will also need a keystore with a private-key and digital certificate for your application client, and configure the remote web-server to REQUIRE client-authentication on the SSL/TLS port. Once you've done both, then you can continue to add code to your Java program that uses the client-certificate and keystore to respond to the ClientAuth part of the SSL session establishment protocol.

Hope that helps.

Arshad Noor
StrongAuth, Inc.
H Paul
Ranch Hand

Joined: Jul 26, 2011
Posts: 461
    
    4
My intention is ask for ServerAuth but my wording is about ClientAuth.

Now with what you explained and clarified, I got 2 answers for 1 question.

Great teacher, you're.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Basic auth + ssl on client side