On Wed, 2007-06-20 at 14:57 +0200, PHILIPPE Johan wrote: > > > -----Original Message----- > > From: Nirmal Patil [mailto:[EMAIL PROTECTED] > > Sent: dinsdag 19 juni 2007 1:20 > > To: [email protected] > > Subject: using pfx or pkcs12 certificate for 2 way ssl with httpclient > > > > Folks, > > I need to interact with a https url using 2 way ssl. I have been given > a > > pfx > > file which is the client cert. > > > > I have used OpenSSL to create the pem file and am now researching to > see > > if > > I can use Apache HttpClient and specifically the > > AuthSSLProtocolSocketFactory > > here. I noticed that AuthSSLProtocolSocketFactory supports only the > X509 > > format which means that I would need to convert to this X509 format. > > Right? > > No, X509 is standard, and that should be the format of your certificate > inside your PKCS12 as well. > > > > > Can I use the PKCS12 private key and cert with Apache HttpClient > directly. > > Will I be required to write my own implementation > > ofSecureProtocolSocketFactory? (which I would want to avoid, i guess > > ;)). > > > > Any tips or pointers to resources are appreciated. > > Do read through > http://jakarta.apache.org/commons/httpclient/sslguide.html and do not > skip the AuthSSLProtocolSocketFactory > >
Nirmal, You may also want take a good look at nyc-ssl library [1]. It provides a much more advanced version of AuthSSLProtocolSocketFactory and should also be able to import key material in OpenSSL native formats. [1] http://juliusdavies.ca/commons-ssl/index.html Oleg > > > > STRICTLY PERSONAL AND CONFIDENTIAL > This message may contain confidential and proprietary material for the sole > use of the intended recipient. Any review or distribution by others is > strictly prohibited. If you are not the intended recipient please contact the > sender and delete all copies. > > Dit bericht is enkel bestemd voor de aangeduide ontvangers en kan > vertrouwelijke informatie bevatten. Als u niet de ontvanger bent, dan mag u > de inhoud van dit bericht niet bekendmaken noch kopiren. Als u dit bericht > per vergissing ontvangen heeft, gelieve er de afzender of De Post > onmiddellijk van op de hoogte te brengen en het bericht vervolgens te > verwijderen. > > Ce message est uniquement destin aux destinataires indiqus et peut contenir > des informations confidentielles. Si vous n'tes pas le destinataire, vous ne > devez pas rvler le contenu de ce message ou en prendre copie. Si vous avez > reu ce message par erreur, veuillez en informer l'expditeur, ou La Poste > immdiatement, avant de le supprimer. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
