Spring 启动 SSL 客户端-服务器通信

Question

I am rather new to Spring Boot and SSL. I have developed a SSL rest web server with server keystore , private key , server CA and that correctly handles mutual X.509 certificate authentication. I have tested, that works HTTPS requests with Postman and also Python Client and everything working correctly, both the server and client are successfully exchanging and validating each others certificates.

But my scenario is little bit different,

I have created and connected one Postgresql database to my spring boot application and I have created entities of tables with specific ID numbers and also REST endpoints which you can create, get entity etc.

So my scenario is following;

1. Python Client comes with specific ID number and makes a request to one REST Endpoint which is available for everybody (permitted by server).
2. Spring Boot Server checks that ID number in database and creates a Client Certificate to the Python Client (which I am stucked right now.) and sends this certificate to Client.
3. After Sending the Client Certificate, Client can use it and communicate Server with Certificate

So question is following;

Is that possible to create a client certificate in runtime in java? If yes, how I can create it and send back to client?

Thank you for your time and response.

Answer 1

I have found the solution. If somebody needs similar solution, you can the following steps;

1. Create public endpoint in spring boot which you can take the given id number
2. Compare with your database and if it id number existed call an.sh file (use process)
3. In this.sh file, use openssl commands to generate a key, remove the passphrase from the key (if you used it), create a client certificate request and finally sign the certificate.
4. Finally send this signed certificate and private key back to client.

After all, your client can use your signed certificate with private key and use your secured endpoints.