We tried two different ways to get the application to talk to the CA via SSL, and neither way is working yet. First we tried URLConnection which did give us an instance of HttpsURLConnection. But first even before that, we set the HttpsURLConnection's default SSL socket factory to a factory of our creation that returns a org.mozilla.jss.ssl.SSLSocket (because we're using Mozilla's key store and not Java's). When we tried to getOutputStream, java throws an exception because it gets confused between a org.mozilla.jss.ssl.SSLSocket and a javax.net.ssl.SSLSocket. We're still busily extending javax classes to return mozilla SSLSockets, but I can't help to think there must be an easier way.
The other way we tried was to manually create an SSLSocket with JSS classes and force the handshake, which does not throw an exception so I guess it works! But with the socket, we can only access the 'host' (www.ourdomain.com) and a 'port' (443). The only code examples I've seen online for SSL client/servers demonstrate how to GET the home page from the server. For our application, we want to POST a message to a 'URL' (such as www.ourdomain.com/ca/submitProfile). The SSLSocket can access the 'host', but not the 'URL' (when we try, the CA says it doesn't understand our 'query'). I didn't see any URL classes in JSS that might help us.
We can get to the URL via SSL with Mozilla browsers 1.4 and 1.6 just fine, so I know some one out there has done this sort of thing before (but maybe not with Java). So what's missing from either of these two approaches, or is there a third approach we haven't thought of yet?
TIA _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
