On 05/05/2014 21:07, Cheong, Sandy wrote: > Hi Christopher: 1. Please do not hijack threads.
> Please note I am trying to get a contact number for Customer > Support at Apache with regards to the Tom Cat product. You *REALLY* need to read this: http://www.apache.org/foundation/how-it-works.html > I would like to review your End User License Agreement (Click > Through). Can you please point me to the correct person or contact > number for this request? Read the above and the answer to your question should be clear. If it isn't, start a new thread to ask for help. Mark > > Thank you in advance for your kind assistance. > > Best regards, Sandy Cheong > > -----Original Message----- From: Christopher Schultz > [mailto:ch...@christopherschultz.net] Sent: Monday, May 05, 2014 > 3:59 PM To: Tomcat Users List Subject: Re: How can i provide > clientauth required info in HttpURLConnection > > Sushil, > > Please don't top-post. I've re-formatted your message with your > reply below. > > On 5/5/14, 2:38 PM, Sushil Prusty wrote: >> On Mon, May 5, 2014 at 10:32 PM, Christopher Schultz < >> ch...@christopherschultz.net> wrote: > >> Sushil, > >> On 5/5/14, 12:51 PM, Sushil Prusty wrote: >>>>> I have below code which will always throws exception while >>>>> i am trying to connect because my ClientAuth is true in >>>>> server.xml of apach/conf.Server.xml. How can i provide >>>>> clientauth info to below code using Apache api. >>>>> >>>>> URL testURL = new URL("https://localhost: >>>>> 443/app/AppAction.do"); HttpURLConnection conn = >>>>> (HttpURLConnection) testURL.openConnection(); >>>>> conn.setRequestMethod("HEAD"); >>>>> conn.setInstanceFollowRedirects(false); conn.connect(); >>> >>> What kind of client auth do you want to provide? > >> It's a trustore certificate. > > So you need to make a connection to a secure server with a client > certificate? > > It's a bit verbose, but you have to do the following. I have > copy/pasted this from some code I adapted from Tomcat's sources. I > have removed all of the exception handling and utility methods I > used because otherwise it would be quite long and might not be > convenient to read / understand. It may be missing a few features > such as using non-default crypto providers, etc. > > > import javax.net.ssl.SSLContext; > > ... > > // Load trust store (which is a KeyStore) KeyStore trustStore = > KeyStore.getInstance(trustStoreType); InputStream in = new > FileInputStream(sturstStoreFilename); trustStore.load(in, > storePassword.toCharArray()); > > TrustManagerFactory tmf = > > TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > > if (null == crlFilename) // Certificate Revocation List > { tmf.init(trustStore); } else { CertPathParameters params = > getParameters(trustStoreAlgorithm, crlFilename, > maxCertificatePathLength, trustStore); > > ManagerFactoryParameters mfp = new > CertPathTrustManagerParameters(params); > > tmf.init(mfp); } > > SSLContext sc = SSLContext.getInstance(protocol); > > sc.init(null, tmf.getTrustManagers(), new > java.security.SecureRandom()); > > HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); > > Once you've done that, you can make a connection using the code > you already had above. > > Hope that helps, -chris > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > ###################################################################### > > The information contained in this communication is confidential and > may contain information that is privileged or exempt from > disclosure under applicable law. If you are not a named addressee, > please notify the sender immediately and delete this email from > your system. If you have received this communication, and are not a > named recipient, you are hereby notified that any dissemination, > distribution or copying of this communication is strictly > prohibited. > ###################################################################### > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
