[Simpleweb-Support] SSL Client Authentication
Brought to you by:
niallg
Menu
▾
▴
[Simpleweb-Support] SSL Client Authentication
|
From: Mike D. <mik...@gm...> - 2013-06-05 01:33:52
|
Is there a good way to configure Simple to require a valid client
certificate when using an SSL connection?
I have the following bare-bones server and I would like to know what the
correct process is to enable client certificate authentication on it.
Any help would be much appreciated.
Thanks,
Mike
-------Begin Example-----
public static void main(String[] args) throws Exception {
Container container = createContainer();
Server server = new ContainerServer(container);
Connection connection = new SocketConnection(server);
SocketAddress address = new InetSocketAddress(8443);
KeyManagerFactory km =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore serverKeystore = KeyStore.getInstance(KeyStore.getDefaultType());
try(InputStream keystoreFile = new FileInputStream(SERVER_KEYSTORE_PATH)) {
serverKeystore.load(keystoreFile, "asdfgh".toCharArray());
}
km.init(serverKeystore, "asdf".toCharArray());
TrustManagerFactory tm =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore caKeystore = KeyStore.getInstance(KeyStore.getDefaultType());
try(InputStream caCertFile = new FileInputStream(CA_CERT_PATH)) {
caKeystore.load(caCertFile, "asdfgh".toCharArray());
}
tm.init(caKeystore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(km.getKeyManagers(), tm.getTrustManagers(), null);
sslContext.getDefaultSSLParameters().setNeedClientAuth(true);
connection.connect(address, sslContext);
}
|
