Something like this works:
public class HttpPost {
....
public static class RelaxedX509TrustManager implements X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
// Supposed to throw a CertificateException if the cert is not trusted.
// This construct accepts anything.
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
}
public static InputStream post(String urlStr,Hashtable headers,InputStream reqStream)
throws IOException {
URL url = "" URL(urlStr);
HttpURLConnection con = (HttpURLConnection)url.openConnection();
if (con instanceof HttpsURLConnection) {
HttpsURLConnection conHttps = (HttpsURLConnection)con;
// accept any cert
KeyManager[] km = null;
TrustManager[] tm = {new RelaxedX509TrustManager()};
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, tm, new java.security.SecureRandom());
SSLSocketFactory sslSF = sslContext.getSocketFactory();
conHttps.setSSLSocketFactory(sslSF);
} catch(NoSuchAlgorithmException e) {
throw new IOException("HttpPost.postXML(): unable to complete request, NoSuchAlgorithmException=" + e.getMessage());
} catch(KeyManagementException e) {
throw new IOException("HttpPost.postXML(): unable to complete request, KeyManagementException=" + e.getMessage());
}
// be relaxed about hostnames
conHttps.setHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname,SSLSession session) {
return true;
}
});
}
....
-----Original Message-----
From: Rudi Verago [vlain] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 22, 2003 5:58 AM
To: axis-user
Subject: SSL one-way
My web services has a swing gui and use a ssl connection.
I don't want mutual authentication (only server has certification), how
implement in java on the client side?
simply put https, I don't think so....
Thanks
~~~~~~~~~~~~~~~
Rudi Verago [vLAiN]
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~
"Bringing people together to advance their lives."
NOTICE: The information contained in this electronic mail transmission is intended by TMP Interactive Inc. d/b/a Monster or one of its subsidiaries for the use of the named individual or entity to which it is addressed and may contain information that is privileged or otherwise confidential. It is not intended for transmission to, or receipt by, any individual or entity other than the named addressee (or a person authorized to deliver it to the named addressee) except as otherwise expressly permitted in this electronic mail transmission. If you have received this electronic transmission in error, please delete it without copying or forwarding it, and notify the sender of the error by reply email or by calling Monster at 1-800-MONSTER.
