Hi Chris,
Bruno Harbulot wrote:
> Hi Chris,
>
> christian.hai...@gmail.com wrote:
>> I use Restlet Version 1.1
>>
>> I tried it this way:
>>
>> Client client = new Client(new Context(), Protocol.HTTPS);
>> Context con = client.getContext();
>> Series<Parameter> param1 = con.getParameters();
>> param1.add("sslContextFactory","MySSLContextFactory");
>>
>> where MySSLContextFactory has the base class
>> com.noelios.restlet.util.SslContextFactory
>>
>> But it is not working that way.
>
> Can you clarify how it's not working?
>
>
> There's more documentation here:
> [1] http://wiki.restlet.org/docs_1.1/13-restlet/27-restlet/46-restlet.html
> [2] http://wiki.restlet.org/docs_1.1/13-restlet/28-restlet/153-restlet.html
>
>
> There is a difference between using parameters and attributes when
> setting the context (as mentioned in [1]).
> When passing the settings via parameters, "sslContextFactory" must be a
> class name, and you should also pass whatever other parameters your
> SslContextFactory expects (I'm not sure what they are in your case).
> This is more or less what's described in [2] for PkixSslContextFactory.
> Most of the "keyStore*" parameters also work for the
> DefaultSslContextFactory.
>
>
> If you want to pass an SslContextFactory that has already been
> configured (perhaps with more advanced options), you might want to pass
> the instance via the "sslContextFactory" /attribute/ in the context, in
> which case the value of the "sslContextFactory" /parameter/ will be ignored.
>
> This could look like this, for example:
>
> import org.jsslutils.sslcontext.PKIXSSLContextFactory;
> import org.jsslutils.sslcontext.trustmanagers.GsiWrappingTrustManager;
>
> final PKIXSSLContextFactory sslContextFactory = new
> PKIXSSLContextFactory(..., ..., ...);
> for (String crl : ...) {
> sslContextFactory.addCrl(crl);
> }
>
> sslContextFactory.setTrustManagerWrapper(new
> GsiWrappingTrustManager.Wrapper());
>
> server.getContext().getAttributes().put("sslContextFactory",
> new SslContextFactory() {
> @Override
> public SSLContext createSslContext() throws Exception {
> return sslContextFactory.buildSSLContext();
> }
>
> @Override
> public void init(Series<Parameter> parameters) {
> }
> });
Sorry, I've just realised I had missed the point of the question: the
client (whereas my example is for a server).
SslContextFactories are not currently supported on the client side. For
more details, see:
http://restlet.tigris.org/issues/show_bug.cgi?id=586#desc4
There are ways around this. You can create an SSLContextFactory with
jSSLutils and create an SSLContext out of it.
If you're using Java 6 and the default Java connector, you can set this
SSLContext using SSLContext.setDefault(...).
If you're using the Apache HTTP client connector, use the method
described in issue #586, with this
http://code.google.com/p/jsslutils/wiki/ApacheHttpClientUsage
In both cases, the settings will be global for all your client connectors.
Best wishes,
Bruno.
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=1028330
