Testing a website supports mutual SSL using Java

Question

I need to write a Cucumber Test case to verify if a website supports 2-way SSL in Java. I'm not sure how to exactly do it after countlessly reading through different articles and answers. I've generated a self signed certificate for the client side of the test case, and I add it in the request, but I'm not sure how exactly to verify that the website I'm accessing supports 2-way SSL. This is my code so far that I've gotten from using different bits of answers and articles online.

        org.apache.log4j.BasicConfigurator.configure();

        try {
            String CERT_PASSWORD = "somePass";

            KeyStore identityKeyStore = KeyStore.getInstance("jks");
            FileInputStream identityKeyStoreFile = new FileInputStream(new File(System.getProperty("user.dir") + "/src/main/resources/files-for-testcases/ultimate.jks"));
            identityKeyStore.load(identityKeyStoreFile, CERT_PASSWORD.toCharArray());


            SSLContext sslContext = SSLContexts.custom()
                    // load identity keystore
                    .loadKeyMaterial(identityKeyStore, CERT_PASSWORD.toCharArray(), (aliases, socket) -> "bddsecurity")
                    .build();

            SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext,
                    new String[]{"TLSv1.2", "TLSv1.1"},
                    null,
                    SSLConnectionSocketFactory.getDefaultHostnameVerifier());

            CloseableHttpClient client = HttpClients.custom()
                    .setSSLSocketFactory(sslConnectionSocketFactory)
                    .build();

            // Call a SSL-endpoint
            return callEndPoint (client, url);
        } catch (Exception ex) {
            System.out.println("Boom, we failed: " + ex);
            ex.printStackTrace();
        }
        return 404;
    }

    private static int callEndPoint (CloseableHttpClient aHTTPClient, String aEndPointURL) {

        try {
            HttpGet httpGet = new HttpGet(aEndPointURL);

            LOG.info("**GET** request Url: " + httpGet.getURI());

            HttpResponse response = aHTTPClient.execute(httpGet);

            int responseCode = response.getStatusLine().getStatusCode();
            LOG.info("Response Code: " + responseCode);
            return responseCode;
        } catch (Exception ex) {
            System.out.println("Boom, we failed: " + ex);
            ex.printStackTrace();
        }
        return 404;
    }

Answer 1

So just to update, the issue was with my server that was alright with connections that didn't have a certificate. It wasn't, and then my application threw an error but the diagnosis was straightforward and it now is all good.