I have written below code to connect to server using client side certificate authentication.
public void login()
{
try {
KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null);
String kalg = KeyManagerFactory.getDefaultAlgorithm();
System.out.println(kalg);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(kalg);
kmf.init(ks, null);
String talg = TrustManagerFactory.getDefaultAlgorithm();
System.out.println(talg);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(talg);
KeyStore ts;
ts = KeyStore.getInstance("Windows-ROOT", "SunMSCAPI");
ts.load(null, null);
tmf.init(ts);
TrustManager tm[] = tmf.getTrustManagers();
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(kmf.getKeyManagers(), tm, new java.security.SecureRandom());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL("https://xxxxxx/");
HttpsURLConnection httpsCon = (HttpsURLConnection) url
.openConnection();
InputStream is = httpsCon.getInputStream();
httpsCon.getHeaderFields();
String str =httpsCon.getHeaderField("Set-Cookie");
System.out.println(httpsCon.getResponseMessage());
int c;
StringBuffer sb = new StringBuffer();
while ((c = is.read()) >= 0) {
System.out.print((char)c);
sb.append((char) c);
}
is.close();
} catch (Exception ex) {
ex.printStackTrace();
}
}
for testing purposed I have created self signed server and client certificates.
This code works only in java 7, in java 8 it throws exception:
java.security.InvalidKeyException: No installed provider supports this key: sun.security.mscapi.RSAPrivateKey
Is it something to do with some features introduced in java 8?
public static void login()
{
try {
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, null);
String kalg = KeyManagerFactory.getDefaultAlgorithm();
System.out.println(kalg);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(kalg);
kmf.init(ks, null);
String talg = TrustManagerFactory.getDefaultAlgorithm();
System.out.println(talg);
final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(final X509Certificate[] chain,
final String authType) {
}
@Override
public void checkServerTrusted(final X509Certificate[] chain,
final String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(kmf.getKeyManagers(), trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL("xxxxx");
HttpsURLConnection httpsCon = (HttpsURLConnection) url
.openConnection();
InputStream is = httpsCon.getInputStream();
httpsCon.getHeaderFields();
String str =httpsCon.getHeaderField("Set-Cookie");
System.out.println(httpsCon.getResponseMessage());
int c;
StringBuffer sb = new StringBuffer();
while ((c = is.read()) >= 0) {
System.out.print((char)c);
sb.append((char) c);
}
is.close();
} catch (Exception ex) {
ex.printStackTrace();
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.