Provided certificate and key as part of SSL handshake

Question

I have a java 8 which sends web requests outbound to a server that requires mutual authentication. I can connect using a curl command and passing the following arguments

--cacert ./cert.pem --cert server.crt --key server.key

What do I do with these crt pem and key files to allow my JVM to use them on all outgoing requests?

See the JSSE Reference Guide. – user207421 Nov 16 '17 at 05:43 — user207421, Nov 16 '17 at 05:43

score 1 · Accepted Answer · edited Nov 20 '17 at 05:25

1

For anyone that has trouble with this like I did.

The PEM goes into the TRUSTSTORE.

The crt and key file are combined to make a p12 file like so:

openssl pkcs12 -export -in server.crt -inkey server.key -name [host] -out server.p12

Install your p12 into your KEYSTORE

keytool -importkeystore -destkeystore keystore.jks -srckeystore server.p12 -srcstoretype PKCS12

edited Nov 20 '17 at 05:25

user207421

305,947
44
307
483

answered Nov 20 '17 at 04:57

Sim

570
1
10
22

1

Alternitavely you can use the .p12 file as the keystore directly, as long as you specify `javax.net.ssl.keyStoreType=PKCS12` or whatever it is. – user207421 Nov 20 '17 at 05:31

Provided certificate and key as part of SSL handshake

1 Answers1