Hi Guys, After I have followed the instructions from http://www.tomcatexpert.com/knowledge-base/using-openssl-configure-ssl-certificates-tomcat I managed to 1. install the certificates in Tomcat using APR 2. managed to get the web browsers to accept the certificates
The question that I have now is how to get it to work with apache httpclient components. I found that the SSLSocketFactory has 4 constructor class of interest. They are *1. SSLSocketFactory<http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/SSLSocketFactory.html#SSLSocketFactory(java.security.KeyStore, java.lang.String)>*(KeyStore<http://download.oracle.com/javase/1.5.0/docs/api/java/security/KeyStore.html?is-external=true> keystore, String<http://download.oracle.com/javase/1.5.0/docs/api/java/lang/String.html?is-external=true> keystorePassword) *2. SSLSocketFactory<http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/SSLSocketFactory.html#SSLSocketFactory(java.security.KeyStore, java.lang.String, java.security.KeyStore)>*(KeyStore<http://download.oracle.com/javase/1.5.0/docs/api/java/security/KeyStore.html?is-external=true> keystore, String<http://download.oracle.com/javase/1.5.0/docs/api/java/lang/String.html?is-external=true> keystorePassword, KeyStore<http://download.oracle.com/javase/1.5.0/docs/api/java/security/KeyStore.html?is-external=true> truststore) *3. SSLSocketFactory<http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/SSLSocketFactory.html#SSLSocketFactory(javax.net.ssl.SSLContext)> *(SSLContext<http://download.oracle.com/javase/1.5.0/docs/api/javax/net/ssl/SSLContext.html?is-external=true> sslContext) *4. SSLSocketFactory<http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/SSLSocketFactory.html#SSLSocketFactory(javax.net.ssl.SSLContext, org.apache.http.conn.ssl.X509HostnameVerifier)>*(SSLContext<http://download.oracle.com/javase/1.5.0/docs/api/javax/net/ssl/SSLContext.html?is-external=true> sslContext, X509HostnameVerifier<http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/X509HostnameVerifier.html> hostnameVerifier) Which one should I used and the pro and cons of using this ? If I used item 2 method, which one is tomcathost.jks and trust.jks in the first parameter and 3rd parameter. The other question is how to load certificates dynamically in java, how do I achieved this ? * *
