5

I have a file with the '.pfx' extension and a password to this certificate.

What I need to do is to send a simple GET request to a webservice and read the response body.

I need to implement a method similar to this:

String getHttpResponse(String url, String certificateFile, String passwordToCertificate){
    ...
}

I also tried converting the certificate to a format "with no password" using openssl:

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM:
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

So the alternate implementaion of the my method could be:

String getHttpResponse(String url, String certificateFile){
    ...
}

I would really appreciate your help, I spent half a day googling for it, but I haven't found an example that would help me, it seems I have problems with undestanding some basic assumptions around SSL and stuff.

Improve this question
2
  • May I know which environment(server) you are working on? Commented Jun 10, 2012 at 12:38
  • The application will be running on Apache Tomcat. The server to which I am sending my request is some kind of SOAP webservice returning an XML. Commented Jun 10, 2012 at 13:08

2 Answers 2

Reset to default
9

I finally found a good solution (without creating custom SSL context):

String getHttpResponseWithSSL(String url) throws Exception {
    //default truststore parameters
    System.setProperty("javax.net.ssl.trustStore", "/usr/lib/jvm/java-6-openjdk/jre/lib/securitycacerts");
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    System.setProperty("javax.net.ssl.trustStoreType", "JKS");

    //my certificate and password
    System.setProperty("javax.net.ssl.keyStore", "mycert.pfx");
    System.setProperty("javax.net.ssl.keyStorePassword", "mypass");
    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");


    HttpClient httpclient = new HttpClient();

    GetMethod method = new GetMethod();
    method.setPath(url);

    int statusCode = httpclient.executeMethod(method);
    System.out.println("Status: " + statusCode);

    method.releaseConnection();

    return method.getResponseBodyAsString();
}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

This is good in my case. However - what if I needed to change the settings in the runtime? Do you think setting System.setProperty again would be very wrong?
It's not that it would be "wrong", but more likely that it wouldn't work.
1

This question should have your answer:

HTTPClient-1.4.2: Explanation needed for Custom SSL Context Example

You need to use httpclient to create the request and then use a key manager.

Improve this answer

2 Comments

I tried doing it this way, however I am not sure what file should I use as the "trustStore"...
According to [this] (docs.oracle.com/javase/6/docs/api/java/security/…) it can be null to create an empty keystore.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.