Hi Christopher: Please note I am trying to get a contact number for Customer Support at Apache with regards to the Tom Cat product. I would like to review your End User License Agreement (Click Through). Can you please point me to the correct person or contact number for this request?
Thank you in advance for your kind assistance. Best regards, Sandy Cheong -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Monday, May 05, 2014 3:59 PM To: Tomcat Users List Subject: Re: How can i provide clientauth required info in HttpURLConnection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Sushil, Please don't top-post. I've re-formatted your message with your reply below. On 5/5/14, 2:38 PM, Sushil Prusty wrote: > On Mon, May 5, 2014 at 10:32 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > > Sushil, > > On 5/5/14, 12:51 PM, Sushil Prusty wrote: >>>> I have below code which will always throws exception while i am >>>> trying to connect because my ClientAuth is true in server.xml of >>>> apach/conf.Server.xml. How can i provide clientauth info to below >>>> code using Apache api. >>>> >>>> URL testURL = new URL("https://localhost: >>>> 443/app/AppAction.do"); HttpURLConnection conn = >>>> (HttpURLConnection) testURL.openConnection(); >>>> conn.setRequestMethod("HEAD"); >>>> conn.setInstanceFollowRedirects(false); conn.connect(); >> >> What kind of client auth do you want to provide? > > It's a trustore certificate. So you need to make a connection to a secure server with a client certificate? It's a bit verbose, but you have to do the following. I have copy/pasted this from some code I adapted from Tomcat's sources. I have removed all of the exception handling and utility methods I used because otherwise it would be quite long and might not be convenient to read / understand. It may be missing a few features such as using non-default crypto providers, etc. import javax.net.ssl.SSLContext; ... // Load trust store (which is a KeyStore) KeyStore trustStore = KeyStore.getInstance(trustStoreType); InputStream in = new FileInputStream(sturstStoreFilename); trustStore.load(in, storePassword.toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); if (null == crlFilename) // Certificate Revocation List { tmf.init(trustStore); } else { CertPathParameters params = getParameters(trustStoreAlgorithm, crlFilename, maxCertificatePathLength, trustStore); ManagerFactoryParameters mfp = new CertPathTrustManagerParameters(params); tmf.init(mfp); } SSLContext sc = SSLContext.getInstance(protocol); sc.init(null, tmf.getTrustManagers(), new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); Once you've done that, you can make a connection using the code you already had above. Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJTZ+2ZAAoJEBzwKT+lPKRYuNYQALw9W8hR3tCdiqixvIcmsZHm bPd97Q+FaNSOB0jAf5eqTDSjw4xHuv/u2frLU+q/0NHpUG3s5koBJQVpC7CXrRZX B8dSykIZCQSP2Qd0KVyb0HeWXs/OJt8G4/aftWM/1Qw5/0xIa0GuHXx3qOSL++io uZFVHiPKorCF8cmmgwE0iM8YjOX2OpOh+j8kQeNV33vPik0kW7m/3V1T+LNsRbQv XitvI+mng0twJU3B185jkuNdBJP0B830669horJCsKzKuWmxvtafIYecQ334D9RJ AGLX0jq6hanNdgBcta9hCiVZhrphz589gwbFV9IZEIRmm4xR//YOMEVssD1kWAK5 xL8N1uJ+kHSCypE8TCvEfyq4bNehsrd7KCZNeut5abD18XhkGn4JnEuKAq1FWVM/ 9REf39jC56V7tIINp0pxmeFDIPIYcM5wlpJIO20VgS//QnTL+/kTaa1s4Il+do22 fhwWmC2BzIGg4rUIyQbn9PtFOBwJMUC8errylRAEoUGa65ZkLwilKUE8N0/esZkI SErE6p99l/qzSxbs24yRQJveJadR67gKpn2uclhivu0q+d9wy7Try6Wvg5tmOe9y jlh6Gs5zDtie+sMVcR+BucOtxAP/62Nz5tuOIzodiPiDzmDIaFj9UZ0cUFCak+jw w0TgZ7vlcRAewLAjrjSt =x7vJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org ###################################################################### The information contained in this communication is confidential and may contain information that is privileged or exempt from disclosure under applicable law. If you are not a named addressee, please notify the sender immediately and delete this email from your system. If you have received this communication, and are not a named recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. ######################################################################
