
Client certificate on outbound connection

In my application I need to access a bunch of REST webservices using Client Authentication. I'm using RestEasy's implementation of JAX-RS Client (which is actually using Apache HttpComponents under the hood).

First I try to load the KeyStore:

private static KeyStore keyStore;

static {
    try {
        String keyStoreProperty = System.getProperty("javax.net.ssl.keyStore");
        String keyStorePasswordProperty = System.getProperty("javax.net.ssl.keyStorePassword");

        if (keyStoreProperty != null && keyStorePasswordProperty != null) {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try (InputStream keyStoreData = new FileInputStream(keyStoreProperty)) {
                keyStore.load(keyStoreData, keyStorePasswordProperty.toCharArray());
            }
        }
    } catch (IOException | NoSuchAlgorithmException | CertificateException | KeyStoreException e) {
        //logging
    }
}

Next I use the previously loaded KeyStore to build the javax.ws.rs.client.Client:

Client client;
if (keyStore != null) {
    client = ClientBuilder.newBuilder()
        .keyStore(keyStore, System.getProperty("javax.net.ssl.keyStorePassword")).build();
} else {
    //logging
}

However, this code doesn't seem to be the right way to do things.

I would like to know if it's possible to configure the keyStore on JBoss/WildFly and let it apply it on outbound connections, ideally based on URL patterns.

WildFly does not have that.

Regarding your code: when configuring 2-way SSL you also need a trustStore configured, so that the client trusts the server you are connecting to. Alternatively, use an SSL context instead of the keyStore/trustStore pair [1].

[1] https://docs.oracle.com/javaee/7/api/javax/ws/rs/client/ClientBuilder.html
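
The SSL-context approach the answer mentions, as an added example that is not part of the original question or answer: it builds one SSLContext from both the key store and the trust store and fails closed if either is missing. The class name is hypothetical, and it assumes the standard javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword properties are set alongside the two the question uses, and that the private key password equals the key store password.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;

// Added example (hypothetical class name), not code from the original post.
public final class MutualTlsClientFactory {

    // Load a store file; failures propagate so the caller cannot silently
    // end up with a client that has no certificate or no trust anchors.
    private static KeyStore load(String path, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            store.load(in, password);
        }
        return store;
    }

    private static String require(String property) {
        String value = System.getProperty(property);
        if (value == null) {
            throw new IllegalStateException("Missing system property: " + property);
        }
        return value;
    }

    public static Client newClient() throws IOException, GeneralSecurityException {
        char[] keyPass = require("javax.net.ssl.keyStorePassword").toCharArray();
        char[] trustPass = require("javax.net.ssl.trustStorePassword").toCharArray();
        // Key material: the client certificate and private key sent to the server.
        // Assumption: the key entry password is the same as the store password.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(require("javax.net.ssl.keyStore"), keyPass), keyPass);
        // Trust material: the CA certificates used to verify the server.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(require("javax.net.ssl.trustStore"), trustPass));
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ClientBuilder.newBuilder().sslContext(context).build();
    }
}
```

Because the context is built explicitly, a client created this way uses only the listed trust anchors for server verification rather than whatever the JVM default happens to be.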
