0

I have my Java code deployed on Tomcat in AWS and in Tier 1, I have a load balancer configured with public and private key generated using following commands.

openssl genrsa -out server_privatekey.pem 1024
openssl req -new -key server_privatekey.pem -out server_certificate_csr.pem
openssl x509 -req -days 3650 -in server_certificate_csr.pem -signkey server_privatekey.pem -out server_certificate.pem

Now, the main difficulty I'm facing is as follows:

I have android app which calls this REST API's, now I want to call the API from Android, but that would require me to pass some form of authentication to server. I'm unable to understand what would that be. If anyone could point me to specific resource that would be really helpful.

(Note: I have already posted this question on the AWS forum but there is no reply yet: https://forums.aws.amazon.com/thread.jspa?threadID=64432).

halfer
  • 19,824
  • 17
  • 99
  • 186
Vishal
  • 107
  • 1
  • 4
  • 12

1 Answers1

0

I was able to call the REST API using HTTPS. At client side, I downloaded the certificate and generated the trust store from it using following command

keytool -importcert -keystore secure.ts -storepass 12345678 -file <cert>

and then while calling my REST API using URL command, I used following property.

System.setProperty("javax.net.ssl.trustStore", "<trust store path eg: secure.ts from above command>");
        System.setProperty("javax.net.ssl.trustStorePassword", "12345678");
Vishal
  • 107
  • 1
  • 4
  • 12