ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicolas Hoibian <>
Subject Re: Newbie question - HTTPS and testkeys
Date Wed, 22 Jun 2005 08:31:04 GMT
> May be I didn't produced my testkeys correctly ? :
> keytool -genkey -keystore testkeys
> Thanks again for your help !
> Eric

you probably did, but i think you must add your client certificate the 
server truststore, but i might have misunderstood this page : (the part 
about "Creating a Client Certificate for Mutual Authentication" might be of 
interest to you.
I have build a client that connect "securely" to a secure server using 
inspiration from code from this url : 
(in the Code appendix)

here is the code, modified somehow to get it to connect in a way that the 
client or the server would not throw an exception

public static void main(String args[]) {
//String login = "pascal"; //from the original code
//String password = "mimas";
//String handle = "
SecureXmlRpcClient xmlrpc ;
try {
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
TrustManagerFactory t = TrustManagerFactory.getInstance("SunX509");
char[]password ="trustword".toCharArray();
KeyStore k=KeyStore.getInstance("JKS");
k.load(new FileInputStream("truststore"),password);

sc.init(null, t.getTrustManagers(), new;

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); hv=new {
public boolean verify(String hostname, SSLSession session) {
System.out.println("hostname: "+hostname +" vs "+session.getPeerHost());
/* this part is commented out because it doesn't do anything [useful / that 
would work] anyway
try{Certificate[] c1 = session.getPeerCertificates();
for (int i = 0; i<c1.length;i++ ){System.out.println("public key : 
catch(Exception e){e.printStackTrace();}*/
System.out.println("WARNING: Hostname is accepted by default(and not even 
matched for.)");
return true;}
System.out.println("creating URL");
URL url = new URL("");
System.out.println("trying to connect to the server securely");
xmlrpc = new SecureXmlRpcClient(url);
} catch (Exception e) {
//do something to fill the v2 vector
Integer result = (Integer) xmlrpc.execute("addition",v2);
System.out.println("Java client : " + result);
catch (Exception e)

If there is some error in the code, all comments are welcome.
The part about the hostname verifier is highly dubious anyway, so if you 
have a better idea, I'm open minded.

On a similar topic, I think writing a tutorial on how to get the f@!:/| 
Secure xml rpc client and server to work would be a very good idea.


View raw message