
Here is the sample code I am referring to: https://sites.google.com/site/ssljavaguide/example-code/2-way-ssl

Can I not set the keystore-related properties and wait for some exception to be thrown and then depending upon the occurrence of exception decide whether it is a 1-way or 2-way ssl connection?

Apologies if the question seems stupid.

1 Answer

It's up to the server to request a client certificate (the client cannot send it if it's not requested).

Your client keystore will only be used if the server makes such a request. Setting a keystore when no client certificate is requested is not a problem: it just won't be used. The side effect is that the client will send a suitable cert whenever it's requested. If you need a bit more control, you'll need a custom KeyManager.

Bruno
  • Thanks for the answer. I also need to make some UI changes depending upon whether the SSL is two-way or one-way. If it is two-way, I am planning to put up a UI which lists the certificates in a given keystore so that the user can select the certificate he wants to present. So, is there a way I can detect whether the SSL is 1-way or two-way? – user2882198 Oct 15 '13 at 12:13
  • You might be interested in [this](http://stackoverflow.com/a/9182713/372643) if you want some user interaction. The problem you may have is that some UI callback from the keymanager may cause a delay, so this may cause a timeout during the handshake, so you may have to make the connection a second time, based on what the user chose in the UI the first time. (This depends on how long it takes for the user to choose.) – Bruno Oct 15 '13 at 13:34
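
The custom KeyManager approach mentioned in the answer, sketched as an added example that is not part of the original thread: a wrapper around the default `X509KeyManager` that records whether the server sent a certificate request during the handshake. The class name `RecordingKeyManager` and its helper methods are hypothetical, and the example assumes an `SSLSocket`-based connection (including `HttpsURLConnection`), not `SSLEngine`.

```java
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509KeyManager;

/** Hypothetical wrapper: delegates to the default key manager and notes a client-cert request. */
public class RecordingKeyManager implements X509KeyManager {
    private final X509KeyManager delegate;
    private final AtomicBoolean requested = new AtomicBoolean(false);

    public RecordingKeyManager(X509KeyManager delegate) { this.delegate = delegate; }

    /** True once a handshake using this key manager has been asked for a client certificate. */
    public boolean clientCertRequested() { return requested.get(); }

    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
        requested.set(true); // JSSE calls this only while handling the server's certificate request
        return delegate.chooseClientAlias(keyType, issuers, socket);
    }
    @Override public String[] getClientAliases(String t, Principal[] i) { return delegate.getClientAliases(t, i); }
    @Override public String[] getServerAliases(String t, Principal[] i) { return delegate.getServerAliases(t, i); }
    @Override public String chooseServerAlias(String t, Principal[] i, Socket s) { return delegate.chooseServerAlias(t, i, s); }
    @Override public X509Certificate[] getCertificateChain(String alias) { return delegate.getCertificateChain(alias); }
    @Override public PrivateKey getPrivateKey(String alias) { return delegate.getPrivateKey(alias); }

    /** Wraps the JVM's default X509KeyManager for the given client keystore. */
    public static RecordingKeyManager wrapDefault(KeyStore clientKeys, char[] password) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(clientKeys, password);
        for (KeyManager km : kmf.getKeyManagers()) {
            if (km instanceof X509KeyManager) return new RecordingKeyManager((X509KeyManager) km);
        }
        throw new IllegalStateException("no X509KeyManager available");
    }

    /** Builds an SSLContext that uses this key manager; null selects default trust managers and RNG. */
    public SSLContext newContext() throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[] { this }, null, null);
        return ctx;
    }
}
```

After `startHandshake()` on a socket created from `newContext().getSocketFactory()`, `clientCertRequested()` distinguishes a one-way handshake from one where the server asked for a certificate. The flag shows only that a request was made, not that the server required or accepted the certificate.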