Hello Oleg, Thanks. I've been seeing some HttpClient samples. Some of them set the trustStore/keyStore directly to the SSLSocketFactory. And others create an SSLContext with them and then set this SSLContext to the SSLSocketFactory. Any advantage from one respect to the other?
Furthermore, when using SSLContext we need to create an instance using the secure socket protocol. Is there any way to accept all secure protocols? Thanks, Joan. -----Mensaje original----- De: Oleg Kalnichevski [mailto:ol...@apache.org] Enviado el: jueves, 28 de noviembre de 2013 10:24 Para: HttpClient User Discussion Asunto: Re: SSL connection On Wed, 2013-11-27 at 19:24 +0100, Joan Balagueró wrote: > Hello, > > > > I have an application (servlet running on tomcat) that must send a > https request to a server that requires client authentication. > > > > Tomcat has correctly installed the truststore and keystore. But I > understand that when our app sends the https request, I have to attach > the client authentication required by the server. > > > > Can anyone address to any doc where I can see how to do this? > > > > Thanks, > > > > J. > There is enough good material on SSL fundamentals on the web. Just google it out. As far as HC APIs are concerned SSLContextBuilder should help you set up the correct SSL context for your application. Most likely you will need to load the private key and add it to the context using this method [1]. Oleg [1] http://hc.apache.org/httpcomponents-client-4.3.x/httpclient/apidocs/org/apache/http/conn/ssl/SSLContextBuilder.html#loadKeyMaterial%28java.security.KeyStore,%20char[],%20org.apache.http.conn.ssl.PrivateKeyStrategy%29 > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org