• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
  • Piet Souris
  • Himai Minh

Trying to apply a custom ssl certificate to a running proxy

Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I am trying to apply a user-provided ssl certificate, to a running proxy vm I have. Essentially, the current mechanism I have uses the following :

1. Load a keystore (contains default certs)
2. Initialize a key manager factory with the keystore and a passphrase
3. Initialize a trust manager factory with the key store
4. Initialize an ssl context based on 2,3

Now, when a new ssl connection is opened, I have my default certs available. However, with the current req, I will not be able to load my custom certs at compile time, but rather, would have this cert available in a db table, from which I would be able to read. Given this scenario, how do you think I could apply this custom certificate to a running proxy at runtime?

At worst, I could stop and start my proxy vm for the cert to take effect, but I cannot re-package the custom cert uploaded by the user, as is the case with the default certs being used via the ssl context.

I suppose the keystore file contains a collection of different certs, in which case, how does one know which one of these to apply in creation of the ssl context? In other words, when I present a cert to the browser, which one is presented?

Please guide me...

Alas, poor Yorick, he knew this tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
    Bookmark Topic Watch Topic
  • New Topic