Re: Client Auth / Certificates
[EMAIL PROTECTED] wrote: It is possible to create a standard JSSE impl, but only for 1.4 JDK. In previous JDK's the required classes were of the com.sun.net.ssl variety, which of course is ugly. There is no cross-vm solution for JDKs prior to 1.4 that I am aware of. - Matt Secoske Unfortunately we can not use some 1.4 specific features since we are supposed to maintain 1.3 runtime compatibility. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Client Auth / Certificates
[EMAIL PROTECTED] wrote: I am looking for a way to specify a particular client SSL certificate for Client Authenticated SSL. This is usually done by writing a SSLSocketFactory that creates Sockets with the Client Cert attached. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Client Auth / Certificates
Ortwin - Correct. I have completed the code using javax.net.ssl.HttpsURLConnection (Creating a special keymanager (for my crypto framework), setting up the SSLContext, creating SSLSocketFactory, etc.) . I was just hoping that HttpClient had a Socket factory already written for this functionality, as it would buy me a few other things, mainly timeouts.I would be glad to write the Socket factory myself, but I am unfortunately on a short schedule.Would this functionality be of use to anyone else? If it is something people would find useful, I would gladly contribute it. Thanks, Matt Secoske Ortwin Glück [EMAIL PROTECTED] 06/26/2003 02:57 AM Please respond to Commons HttpClient Project To: Commons HttpClient Project [EMAIL PROTECTED] cc: Subject:Re: Client Auth / Certificates [EMAIL PROTECTED] wrote: I am looking for a way to specify a particular client SSL certificate for Client Authenticated SSL. This is usually done by writing a SSLSocketFactory that creates Sockets with the Client Cert attached. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Client Auth / Certificates
It sure would be useful however I am not sure if it is possible. I never used a standard JSSE implementation. We used SSLava in our projects (because it's supposed to be faster) and SSLava is does not have a JSSE interface. So I wrote a SSLSocketFactory that configured SSLava to use a specific client certificate. Maybe with a JSSE compatible implementation this can be done in a generic way. The implementation that I have is very SSLava specific and probably of no use to anybody else. Odi [EMAIL PROTECTED] wrote: Ortwin - Correct. I have completed the code using javax.net.ssl.HttpsURLConnection (Creating a special keymanager (for my crypto framework), setting up the SSLContext, creating SSLSocketFactory, etc.) . I was just hoping that HttpClient had a Socket factory already written for this functionality, as it would buy me a few other things, mainly timeouts.I would be glad to write the Socket factory myself, but I am unfortunately on a short schedule.Would this functionality be of use to anyone else? If it is something people would find useful, I would gladly contribute it. Thanks, Matt Secoske - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Client Auth / Certificates
It is possible to create a standard JSSE impl, but only for 1.4 JDK. In previous JDK's the required classes were of the com.sun.net.ssl variety, which of course is ugly. There is no cross-vm solution for JDKs prior to 1.4 that I am aware of. - Matt Secoske Ortwin Glück [EMAIL PROTECTED] 06/26/2003 10:07 AM Please respond to Commons HttpClient Project To: Commons HttpClient Project [EMAIL PROTECTED] cc: Subject:Re: Client Auth / Certificates It sure would be useful however I am not sure if it is possible. I never used a standard JSSE implementation. We used SSLava in our projects (because it's supposed to be faster) and SSLava is does not have a JSSE interface. So I wrote a SSLSocketFactory that configured SSLava to use a specific client certificate. Maybe with a JSSE compatible implementation this can be done in a generic way. The implementation that I have is very SSLava specific and probably of no use to anybody else. Odi [EMAIL PROTECTED] wrote: Ortwin - Correct. I have completed the code using javax.net.ssl.HttpsURLConnection (Creating a special keymanager (for my crypto framework), setting up the SSLContext, creating SSLSocketFactory, etc.) . I was just hoping that HttpClient had a Socket factory already written for this functionality, as it would buy me a few other things, mainly timeouts.I would be glad to write the Socket factory myself, but I am unfortunately on a short schedule.Would this functionality be of use to anyone else? If it is something people would find useful, I would gladly contribute it. Thanks, Matt Secoske - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Client Auth / Certificates
Matt, No, there's no such mechanism in place. However, there's a way provide a custom SSL implementation that meets your specific needs. Have a look at the HttpClient SSL guide at the following location: http://jakarta.apache.org/commons/httpclient/sslguide.html There's a section on customising SSL support followed by a few samples. That should give you a rough idea how to proceed. Oleg On Wed, 2003-06-25 at 19:33, [EMAIL PROTECTED] wrote: Hello All, I a nub to HttpClient. I am looking for a way to specify a particular client SSL certificate for Client Authenticated SSL. I do not see anything in the HttpClient javadocs, so I'm posting the question here. Is there such a mechanism already in place in HttpClient, or do I need to write my own? I have already written some code that works with the JDK/JSSE HttpsURLConnection, I'm just looking for more functionality (Timeouts) than what the JDK gives me. Thanks, - Matt Secoske - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]