-2

I am connecting to dc bidden server using following handshaking code

System.setProperty("javax.net.ssl.keyStore",".p12 file path");
System.setProperty("javax.net.ssl.keyStorePassword",keystorePassword);
System.setProperty("javax.net.ssl.keyStoreType",""pkcs12"");

i am able to connect to the first server with this code but for next server tomcat ignore the recent property set so i am not able to connect to next server with same kind of dc bidden server.

Thanks in advance

Sagar
  • 1
  • 1
  • I have no clue what 'dc bidden' means, but those sysprops are read only once, on the first TLS default connection -- more exactly the first call to `SSLContextImpl.getDefaultKeyManager` -- and cached for the life of the process. Changing them after that has no effect. If you want different keystores for different connections, you need to use an explicit `SSLContext` and `KeyManager` (although you can still default the TrustManager if appropriate). – dave_thompson_085 Apr 24 '18 at 08:25
  • dc bidden means site need to be accessed using ssl handshaking we have digital certificate and password that needs to be implemented while connecting do you have example how you are connecting these type of server – Sagar Apr 25 '18 at 06:14
  • It depends on how you are making connections. For raw `SSLSocket`, create an `SSLContext` and `init` it from the correct keystore via `KeyManagerFactory` per the javadoc for both, and then get and use its `SSLSocketFactory`. For `[Https]URLConnection` (and things that layer on top of it) similarly create the `SSLSocketFactory` and set it either per connection object or as the default before `URL.openConnection`. For Apache `HttpClient` there are several approaches, some depending on version. For other things it usually depends on those things. – dave_thompson_085 Apr 26 '18 at 13:16
  • we are connecting https URL do you have any example that you have done for reference that would be great help – Sagar Apr 27 '18 at 10:19

1 Answers1

0

If by 'connecting https URL' you mean specifically the java.net.URL class and something like new java.net.URL("https://something") .openConnection() which returns an implementation (subclass) of javax.net.HttpsURLConnection here are two examples as I referenced:

static void SO49993912ExampleClientPKCS12 (String[] args) throws Exception {
    FileInputStream fis = new FileInputStream (args[0]);
    KeyStore ks = KeyStore.getInstance("PKCS12"); 
    ks.load (fis, args[1].toCharArray()); fis.close();
    KeyManagerFactory kf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kf.init (ks, args[1].toCharArray());
    SSLContext ctx = SSLContext.getInstance ("TLS"); 
    ctx.init (kf.getKeyManagers(), null /*default TM(s)*/, null);
    // method 1
    HttpsURLConnection conn1 = (HttpsURLConnection) new URL (args[2]).openConnection();
    conn1.setSSLSocketFactory(ctx.getSocketFactory());
    conn1.connect(); System.out.println (conn1.getResponseCode()); conn1.disconnect();
    // method 2
    HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
    HttpsURLConnection conn2 = (HttpsURLConnection) new URL (args[2]).openConnection();
    conn1.connect(); System.out.println (conn2.getResponseCode()); conn2.disconnect();
}

However there are lots and lots of other ways of connecting to https (and other) URLs in Java; if you actually meant something else you have to be more specific.

dave_thompson_085
  • 34,712
  • 6
  • 50
  • 70