
Wednesday, February 10, 2010

How to read cert from trust store (jks) and use for TLS check with HttpsURLConnection

The following code creates an SSLSocketFactory that trusts the certificates in a custom JKS file, for cases where you don't want to put the cert in the default trust store (cacerts) or set a Java system property.

This piece of code is specific to your application and will not affect other applications running in the same JVM ...

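import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

private static String trustStorePasswd = "pass123";
private static String keyfactoryAlgorithm = "SunX509"; // algorithm name passed to TrustManagerFactory
private static String sslContextProtocol = "SSL";

SSLContext sslCtx = SSLContext.getInstance(sslContextProtocol);

String sslTrustStore = "./setup/mytrust.jks"; // trust store file

// Load the custom trust store; the stream is closed once the store is loaded
KeyStore trustKs = KeyStore.getInstance("JKS");
try (InputStream is = new FileInputStream(sslTrustStore)) {
    trustKs.load(is, trustStorePasswd.toCharArray());
}

// Create the TrustManagerFactory backed by that store
TrustManagerFactory tmf = TrustManagerFactory.getInstance(keyfactoryAlgorithm);
tmf.init(trustKs);

// No key managers (no client certificate); trust managers come only from the custom store
sslCtx.init(null, tmf.getTrustManagers(), null);

SSLSocketFactory socketFactory = sslCtx.getSocketFactory();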


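The next step is to set the socket factory on the HttpsURLConnection:
// needs java.net.URL and javax.net.ssl.HttpsURLConnection
HttpsURLConnection httpsconnections;
URL url = new URL("https://mysite.com:3434");
httpsconnections = (HttpsURLConnection) url.openConnection();
// applies to this connection only; the JVM-wide default factory is untouched
httpsconnections.setSSLSocketFactory(socketFactory);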

Now your Java code is ready to open a connection to the site and use it .. :)

cheers
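
A check worth running before the steps above, as an added example that is not part of the original post: it lists what the custom store will trust and refuses to build a socket factory from a store with no certificate entries or with an expired one. The class name `PinnedTrustStore`, the method `factoryFrom` and the environment variable `TRUSTSTORE_PASS` are hypothetical names chosen for this example; with no arguments it runs against a constructed, empty in-memory store.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public class PinnedTrustStore {
    // Builds a socket factory from the store, rejecting stores without usable trust anchors.
    static SSLSocketFactory factoryFrom(KeyStore ks) throws GeneralSecurityException {
        int anchors = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isCertificateEntry(alias)) continue;   // key entries are not trust anchors
            X509Certificate c = (X509Certificate) ks.getCertificate(alias);
            c.checkValidity();                             // throws if expired or not yet valid
            System.out.println("trusting " + alias + " -> " + c.getSubjectX500Principal()
                    + " (expires " + c.getNotAfter() + ")");
            anchors++;
        }
        if (anchors == 0) {
            throw new GeneralSecurityException("trust store has no certificate entries");
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);      // no client key, default randomness
        return ctx.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        String pw = System.getenv("TRUSTSTORE_PASS");      // hypothetical variable name
        if (args.length == 1 && pw != null) {              // usage: java PinnedTrustStore store.jks
            try (InputStream in = new FileInputStream(args[0])) {
                ks.load(in, pw.toCharArray());             // password verifies store integrity
            }
        } else {
            ks.load(null, null);                           // constructed sample: empty store
        }
        try {
            factoryFrom(ks);
            System.out.println("socket factory ready");
        } catch (GeneralSecurityException e) {
            System.out.println("refusing to use trust store: " + e.getMessage());
        }
    }
}
```

The returned factory is passed to `setSSLSocketFactory` on the individual connection exactly as in the post, so the trust decision stays scoped to that connection.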
